PowerShell runner for executing malicious payloads in order to bypass Windows Defender.
☆73Nov 22, 2021Updated 4 years ago
Alternatives and similar repositories for PowerShellRunner
Users that are interested in PowerShellRunner are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- .bin file to shellcode convertor☆39Jul 5, 2024Updated last year
- NukeAMSI is a powerful tool designed to neutralize the Antimalware Scan Interface (AMSI) in Windows environments.☆176Dec 19, 2025Updated 3 months ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- Process injection via KernelCallbackTable☆13Jan 28, 2022Updated 4 years ago
- Backport of SliverStager to work with DotNetToJScript for vba☆17Aug 9, 2024Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- A solution to create obfuscated shellcode from msfvenom for PowerShell.☆26Aug 3, 2022Updated 3 years ago
- ☆14Dec 5, 2024Updated last year
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- ☆14Mar 19, 2024Updated 2 years ago
- LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and r…☆385Apr 26, 2025Updated 11 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆195Nov 27, 2024Updated last year
- CloudflaredRAT is a simple combination of popular open-source tools, wrapping a local-facing shell with Cloudflares Argo Tunnel in an exe…☆14Oct 30, 2020Updated 5 years ago
- micr0shell is a Python script that dynamically generates Windows X64 PIC Null-Free reverse shell shellcode.☆211Jul 21, 2024Updated last year
- Shellcode and In-PowerShell solution for patching AMSI via Page Guard Exceptions☆64Nov 15, 2025Updated 4 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Examples of various container types for Python and Golang☆15Aug 29, 2025Updated 7 months ago
- Shellcode reflective DLL injection in Rust☆27Dec 26, 2025Updated 3 months ago
- A C# Tool to gather information about email breaches☆16Dec 21, 2023Updated 2 years ago
- Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …☆230Oct 6, 2024Updated last year
- smugglo - an easy to use script for wrapping files into self-dropping HTML payloads to bypass content filters☆131Mar 25, 2025Updated last year
- A Golang CLI for the MITRE ATT&CK Framework☆14Apr 28, 2025Updated 11 months ago
- Leveraging AWS Lambda Function URLs for C2 Redirection☆46Aug 30, 2023Updated 2 years ago
- ☆335May 29, 2023Updated 2 years ago
- Various methods of executing shellcode☆74Mar 27, 2023Updated 3 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- ☆22Jul 15, 2023Updated 2 years ago
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆97Apr 27, 2025Updated 11 months ago
- Beacon Object File PoC implementation of KillDefender☆235Apr 12, 2022Updated 3 years ago
- ☆29Aug 24, 2025Updated 7 months ago
- C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll,kernel32.dll,user32.dll,and kernelbase.dll)☆25Mar 7, 2023Updated 3 years ago
- An in-depth approach to obfuscating the individual components of a PowerShell payload whether you're on Windows or Kali Linux.☆286Aug 5, 2022Updated 3 years ago
- Sleep obfuscation in golang based on ekko☆14Jan 16, 2024Updated 2 years ago
- Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.☆890Apr 8, 2025Updated last year
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…☆593Jun 12, 2024Updated last year
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the …☆1,844Nov 3, 2024Updated last year
- PowerShell Obfuscation and Data Science☆183May 4, 2022Updated 3 years ago
- Top hashpwn rules☆20Dec 12, 2025Updated 3 months ago
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.☆164Oct 31, 2024Updated last year
- Generate AES128 and AES256 Kerberos keys from a given username, password, and realm☆18Sep 18, 2024Updated last year
- This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and down…☆257May 25, 2023Updated 2 years ago
- This project is an AES loader for c2 shellcode☆36Jan 24, 2024Updated 2 years ago