dobin / avred-server
The AMSI server for Avred
☆29 · Updated last year
Alternatives and similar repositories for avred-server:
Users who are interested in avred-server are comparing it to the repositories listed below.
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal… ☆51 · Updated last year
- The Web UI for Antnium ☆26 · Updated 2 years ago
- A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously ☆31 · Updated 2 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API. ☆52 · Updated 2 years ago
- Small tool to play with IOCs caused by Imageload events ☆42 · Updated last year
- A work in progress BOF/COFF loader in Rust ☆47 · Updated 2 years ago
- API Hammering with C++20 ☆46 · Updated 2 years ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR. ☆39 · Updated last year
- Linux Sleep Obfuscation ☆95 · Updated last year
- a variety of tools, scripts and techniques developed and shared with different programming languages by 0xsp Lab ☆63 · Updated 4 months ago
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration ☆29 · Updated 3 years ago
- load dumped csharp binaries as assemblies and launch them in memory ☆26 · Updated last year
- I have documented all of the AMSI patches that I learned till now ☆71 · Updated last month
- ☆53 · Updated last year
- Your NTDLL vaccine from modern direct syscall methods. ☆35 · Updated 3 years ago
- Python module for running BOFs ☆70 · Updated last year
- yet another sleep encryption thing. also used the default github repo name for this one. ☆69 · Updated last year
- A more reliable way of resolving syscall numbers in Windows ☆49 · Updated last year
- ☆34 · Updated 3 weeks ago
- ☆48 · Updated last year
- ☆28 · Updated 10 months ago
- Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL ☆21 · Updated 2 years ago
- ☆40 · Updated 2 years ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe… ☆24 · Updated 3 weeks ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies ☆32 · Updated 2 years ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code. ☆22 · Updated last year
- Collection of Rust repos useful for Red Teamers. ☆32 · Updated 2 years ago
- ☆98 · Updated last year
- Sleep Obfuscation ☆45 · Updated 2 years ago
- ☆30 · Updated last month