pathtofile / SimpleAmsiProvider
A simple provider to analyse what gets passed into Microsoft's Anti-Malware Scan Interface
☆13Updated 4 years ago
Related projects: ⓘ
- A tool to create COM class/interface relationships in neo4j☆47Updated last year
- ☆40Updated this week
- ☆23Updated 2 years ago
- Experiments on the Windows Internals☆30Updated 4 years ago
- ☆10Updated this week
- Adapt practically persistence steadiness strategies working at Windows 10 utilized by sponsored nation-state threat actors, as Turla, Pro…☆19Updated 3 years ago
- A C port of b33f's UrbanBishop☆35Updated 3 years ago
- An example of COM hijacking using a proxy DLL.☆20Updated 3 years ago
- A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique☆50Updated 5 years ago
- Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.☆74Updated 4 years ago
- Simple tool to use LsaManageSidNameMapping get LSA to add or remove SID to name mappings.☆23Updated 3 years ago
- ☆10Updated 4 years ago
- ☆21Updated this week
- POC code to crash Windows Event Logger Service☆25Updated 3 years ago
- Demos of Donut used in conferences, etc. Mostly for my use, but free for others to use as a reference.☆30Updated 4 years ago
- The repository accompanying the Buer Emulation workshop☆23Updated 3 years ago
- ☆15Updated 3 years ago
- ☆31Updated 7 years ago
- Extended Process List (Search functionality)☆27Updated 3 years ago
- Dump Lsass Memory Using a Reflective Dll☆14Updated 2 years ago
- ☆45Updated 6 years ago
- ☆15Updated 3 years ago
- ☆28Updated this week
- ☆44Updated 3 years ago
- C# code to run PIC using CreateThread☆16Updated 5 years ago
- (Sim)ulate (Ba)zar Loader☆29Updated 3 years ago
- ☆17Updated 3 years ago
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1☆49Updated 3 years ago
- ☆20Updated 3 years ago