A simple provider to analyse what gets passed into Microsoft's Anti-Malware Scan Interface
☆17 · Jan 10, 2020 · Updated 6 years ago
Alternatives and similar repositories for SimpleAmsiProvider
Users that are interested in SimpleAmsiProvider are comparing it to the libraries listed below.
- Weaponizing CLRvoyance for Post-Ex .NET Execution ☆38 · Jul 15, 2021 · Updated 4 years ago
- WinHTTP example ☆17 · Feb 6, 2016 · Updated 10 years ago
- A tool to sync mythic events with ghostwriter oplog. ☆14 · Nov 21, 2024 · Updated last year
- Miscellaneous examples for use with Cobalt Strike Beacon ☆10 · Nov 19, 2020 · Updated 5 years ago
- handle elevation using bedaisy. ☆12 · Aug 17, 2020 · Updated 5 years ago
- Windows Kernel Driver dlls injector using APC ☆67 · Aug 11, 2018 · Updated 7 years ago
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) … ☆113 · Apr 20, 2021 · Updated 4 years ago
- Random code snippets ☆12 · Oct 27, 2023 · Updated 2 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection ☆33 · Nov 14, 2020 · Updated 5 years ago
- Get a list of installed software in a safe manner ☆11 · Aug 7, 2017 · Updated 8 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP ☆37 · Jul 27, 2021 · Updated 4 years ago
- In 'n Out - See what goes in and comes out of PEs ☆35 · May 12, 2022 · Updated 3 years ago
- Swift code to parse the quarantine history database, Chrome history database, Safari history database, and Firefox history database on ma… ☆16 · Dec 3, 2020 · Updated 5 years ago
- Detour library (x64 and x86 compatible) ☆14 · Dec 15, 2020 · Updated 5 years ago
- ☆13 · Dec 27, 2023 · Updated 2 years ago
- unit testing framework for C/C++ ☆10 · Mar 1, 2020 · Updated 6 years ago
- Assorted Cereals ☆10 · Nov 13, 2021 · Updated 4 years ago
- VMDK Forensic Artifact Extractor (VFAE) is windows based tool written in C++ that extracts files with a known location from VMDK images r… ☆17 · Aug 7, 2015 · Updated 10 years ago
- Easily serve HTTP and DNS keys for proper payload protection ☆59 · Nov 10, 2018 · Updated 7 years ago
- Remote Thread Detection with a Kernel Driver ☆34 · Jan 14, 2025 · Updated last year
- A JXA script for enumerating running processes, printed out in a json, parent-child tree. ☆14 · Jan 28, 2022 · Updated 4 years ago
- ☆50 · May 12, 2021 · Updated 4 years ago
- ☆23 · Oct 28, 2020 · Updated 5 years ago
- Assorted, MIT licensed, threat hunting rules from @bradleyjkemp ☆14 · Mar 11, 2022 · Updated 4 years ago
- Simple DLL and client app that work together to hook all the functions in WinHvPlatform.dll in order to provide logging and introspection… ☆21 · Dec 1, 2021 · Updated 4 years ago
- Process hiding library ☆19 · Feb 23, 2020 · Updated 6 years ago
- Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable … ☆25 · Sep 18, 2017 · Updated 8 years ago
- File system minifilter driver for Windows to block symbolic link attacks. ☆51 · Dec 16, 2020 · Updated 5 years ago
- PoC memory injection detection agent based on ETW, for offensive and defensive research purposes ☆300 · Apr 10, 2021 · Updated 4 years ago
- ☆41 · Apr 5, 2025 · Updated last year
- Run Processes as PPL with ELAM ☆177 · Mar 17, 2022 · Updated 4 years ago
- JXA script for Mythic that prints the TCC.db ☆15 · Apr 18, 2021 · Updated 4 years ago
- Shellcode Of Death ☆43 · Aug 31, 2013 · Updated 12 years ago
- Hands-on KMDF-based disk write protection ☆13 · Jul 5, 2022 · Updated 3 years ago
- WORK IN PROGRESS. RAT written in C++ using Win32 API ☆20 · Sep 12, 2019 · Updated 6 years ago
- [POC Detected]Bypass BE Anti Dll Injection (POC/Need Driver) ☆17 · Mar 30, 2020 · Updated 6 years ago
- Catalog Red Team techniques that cause popups in various macOS versions ☆15 · Nov 18, 2024 · Updated last year
- Simple remote administration tool. Written in c++ and MASM. ☆18 · May 16, 2018 · Updated 7 years ago
- ☆15 · Nov 25, 2021 · Updated 4 years ago