A simple provider to analyse what gets passed into Microsoft's Anti-Malware Scan Interface
☆17Jan 10, 2020Updated 6 years ago
Alternatives and similar repositories for SimpleAmsiProvider
Users that are interested in SimpleAmsiProvider are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Weaponizing CLRvoyance for Post-Ex .NET Execution☆39Jul 15, 2021Updated 4 years ago
- WinHTTP example☆17Feb 6, 2016Updated 10 years ago
- A tool to sync mythic events with ghostwriter oplog.☆14Nov 21, 2024Updated last year
- handle elevation using bedaisy.☆12Aug 17, 2020Updated 5 years ago
- Windows Kernel Driver dlls injector using APC☆68Aug 11, 2018Updated 7 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …☆113Apr 20, 2021Updated 5 years ago
- Random code snippets☆12Oct 27, 2023Updated 2 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection☆33Nov 14, 2020Updated 5 years ago
- Draugnet is a lightweight, open-source tool for anonymous cyber threat reporting. Built for the MISP ecosystem, it lets users submit and …☆20Mar 24, 2026Updated last month
- Get a list of installed software in a safe manner☆11Aug 7, 2017Updated 8 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆38Jul 27, 2021Updated 4 years ago
- In 'n Out - See what goes in and comes out of PEs☆35May 12, 2022Updated 4 years ago
- Swift code to parse the quarantine history database, Chrome history database, Safari history database, and Firefox history database on ma…☆16Dec 3, 2020Updated 5 years ago
- Detour library (x64 and x86 compatible)☆14Dec 15, 2020Updated 5 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆13Dec 27, 2023Updated 2 years ago
- unit testing framework for C/C++☆10Mar 1, 2020Updated 6 years ago
- Assorted Cereals☆10Nov 13, 2021Updated 4 years ago
- VMDK Forensic Artifact Extractor (VFAE) is windows based tool written in C++ that extracts files with a known location from VMDK images r…☆17Aug 7, 2015Updated 10 years ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree.☆14Jan 28, 2022Updated 4 years ago
- ☆49May 12, 2021Updated 5 years ago
- ☆23Oct 28, 2020Updated 5 years ago
- Assorted, MIT licensed, threat hunting rules from @bradleyjkemp☆14Mar 11, 2022Updated 4 years ago
- Simple DLL and client app that work together to hook all the functions in WinHvPlatform.dll in order to provide logging and introspection…☆22Dec 1, 2021Updated 4 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Process hiding library☆19Feb 23, 2020Updated 6 years ago
- Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable …☆25Sep 18, 2017Updated 8 years ago
- Remote Thread Detection with a Kernel Driver☆35Jan 14, 2025Updated last year
- ☆15May 26, 2021Updated 4 years ago
- File system minifilter driver for Windows to block symbolic link attacks.☆51Dec 16, 2020Updated 5 years ago
- PoC memory injection detection agent based on ETW, for offensive and defensive research purposes☆298Apr 10, 2021Updated 5 years ago
- ☆41Apr 5, 2025Updated last year
- Run Processes as PPL with ELAM☆176Mar 17, 2022Updated 4 years ago
- JXA script for Mythic that prints the TCC.db☆15Apr 18, 2021Updated 5 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- BOF implementations of CVE-2024-26229 for Cobalt Strike and BruteRatel☆27Jun 13, 2024Updated last year
- Shellcode Of Death☆43Aug 31, 2013Updated 12 years ago
- WORK IN PROGRESS. RAT written in C++ using Win32 API☆20Sep 12, 2019Updated 6 years ago
- [POC Detected]Bypass BE Anti Dll Injection (POC/Need Driver)☆17Mar 30, 2020Updated 6 years ago
- Catalog Red Team techniques that cause popups in various macOS versions☆15Nov 18, 2024Updated last year
- Simple remote administration tool. Written in c++ and MASM.☆18May 16, 2018Updated 8 years ago
- ☆15Nov 25, 2021Updated 4 years ago