☆13Feb 25, 2023Updated 3 years ago
Alternatives and similar repositories for AmsiBypass123
Users that are interested in AmsiBypass123 are comparing it to the libraries listed below
Sorting:
- Yet, Another Packer/Loader☆25Feb 26, 2023Updated 3 years ago
- NTAPI hook bypass with (semi) legit stack trace☆19May 9, 2023Updated 2 years ago
- Azure APIs enumeration and abuse☆12Feb 26, 2026Updated last week
- Tool to obtain hash using MS-SNTP for user accounts☆29Jan 22, 2025Updated last year
- Attempts to suspend all known AV/EDRs processes on Windows using syscalls and the undocumented NtSuspendProcess API. Made with <3 for pen…☆13May 11, 2023Updated 2 years ago
- Small collection of Active Directory pentesting tools.☆32Jan 29, 2024Updated 2 years ago
- Custom Python shellcode encryptor and obfuscator☆14Jul 31, 2025Updated 7 months ago
- Here you can find some vulnerable Windows Kernel Drivers☆13Feb 21, 2025Updated last year
- Indirect Syscall invocation via thread hijacking☆26May 5, 2023Updated 2 years ago
- Tool for pivoting over SMB pipes☆16Jul 20, 2019Updated 6 years ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆97Mar 20, 2023Updated 2 years ago
- Passworld is a fully customizable wordlist generator☆16Sep 13, 2024Updated last year
- PoC arbitrary WPM without a process handle☆20Jul 22, 2023Updated 2 years ago
- Tools for analyzing Windows containers and break container's isolation☆33Aug 2, 2022Updated 3 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆90Dec 15, 2022Updated 3 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆24Sep 19, 2022Updated 3 years ago
- ☆22Jul 29, 2021Updated 4 years ago
- Experience the power of a PHP webshell designed to overcome the limitations of blacklisted system/exec functions.☆26Jul 14, 2024Updated last year
- lnk_parser is a full rust implementation to parse windows LNK files☆23Feb 17, 2026Updated 2 weeks ago
- Modified version of Impacket to use dynamic NTLMv2 Challenge/Response☆20Dec 26, 2022Updated 3 years ago
- An injector that aims to be stealthy by using non suspicious API calls. Inspired by (https://github.com/FuzzySecurity/Sharp-Suite/tree/ma…☆24Jun 17, 2020Updated 5 years ago
- UAC_wenpon☆49Nov 25, 2021Updated 4 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆71Feb 11, 2024Updated 2 years ago
- Exploits, Exploits, Exploits and more Exploits!☆34Nov 7, 2020Updated 5 years ago
- A Crystal Palace shared library to resolve & perform syscalls☆57Oct 29, 2025Updated 4 months ago
- Beacon Object File to locate and suspend the threads hosting the Event Log service☆29Jun 17, 2022Updated 3 years ago
- reverse socks tunneler with ntlm and proxy support☆28Nov 24, 2019Updated 6 years ago
- GetModuleHandle (via PEB) and GetProcAddress (via EAT) like☆32Feb 7, 2022Updated 4 years ago
- Remote PE reflective injection with a simple reflective loader☆32Jun 28, 2019Updated 6 years ago
- Reverse TCP Powershell has never been this paranoid. (basically an Opsec-safe reverse powershell)☆30Feb 4, 2022Updated 4 years ago
- ☆29Oct 19, 2024Updated last year
- 自用的shellcode生成框架☆33Jul 5, 2023Updated 2 years ago
- 将PE文件进行AES加密,然后从远程拉取加载内存中实现免杀☆37Mar 1, 2023Updated 3 years ago
- Lists of AMSI triggers (VBA, JScript / VBScript)☆33Jun 28, 2019Updated 6 years ago
- Shadowsocks-like proxy written in Go☆37Dec 18, 2019Updated 6 years ago
- A Python script that embeds Target VBS into LNK and when executed runs the VBS script from within.☆33Dec 5, 2022Updated 3 years ago
- Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation☆31Sep 24, 2022Updated 3 years ago
- The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls☆229Jan 20, 2024Updated 2 years ago
- Use COM Component Bypass UAC,Dll Version☆36Apr 17, 2021Updated 4 years ago