pathtofile / SimpleAmsiProviderLinks
A simple provider to analyse what gets passed into Microsoft's Anti-Malware Scan Interface
☆16Updated 5 years ago
Alternatives and similar repositories for SimpleAmsiProvider
Users that are interested in SimpleAmsiProvider are comparing it to the libraries listed below
Sorting:
- A tool to create COM class/interface relationships in neo4j☆50Updated 2 years ago
- ☆36Updated 3 years ago
- Uses WMI Event Win32_ModuleLoadTrace to monitor module loading. Provides filters, and detailed data. Has an option to monitor for CLR Inj…☆42Updated 6 years ago
- ☆31Updated 5 years ago
- ☆18Updated 6 years ago
- Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.☆77Updated 5 years ago
- Sysmon shenanigans☆66Updated 4 years ago
- ☆24Updated 3 years ago
- ☆15Updated 4 years ago
- A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique☆52Updated 6 years ago
- ☆21Updated 4 years ago
- ☆36Updated 6 years ago
- Simple tool to use LsaManageSidNameMapping get LSA to add or remove SID to name mappings.☆23Updated 4 years ago
- Clone running process with ZwCreateProcess☆58Updated 4 years ago
- Windows GPU rootkit PoC by Team Jellyfish☆36Updated 10 years ago
- ☆34Updated 8 years ago
- The repository accompanying the Buer Emulation workshop☆24Updated 4 years ago
- A small commented POC for removing API hooks placed by AV/EDR.☆34Updated 5 years ago
- A C port of b33f's UrbanBishop☆38Updated 4 years ago
- ☆16Updated 4 years ago
- really ?☆12Updated last year
- A simple dumper as FreshyCalls' PoC. That's what's trendy, isn't it? ¯\_(ツ)_/¯☆39Updated 4 years ago
- Antivirus Emulator Fingerprints☆29Updated 6 years ago
- ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Ima…☆40Updated 2 years ago
- POC code to crash Windows Event Logger Service☆27Updated 4 years ago
- Specialized tool to dump Position Independent Code.☆22Updated 5 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆31Updated 3 years ago
- IBM RedCON 2020 - Throwing an AquaWrench into the Kernel☆44Updated 5 years ago
- Tool to manage user privileges☆29Updated 5 years ago
- Loads .NET Assembly Via CLR Loader☆16Updated 6 years ago