A simple provider to analyse what gets passed into Microsoft's Anti-Malware Scan Interface
☆16Jan 10, 2020Updated 6 years ago
Alternatives and similar repositories for SimpleAmsiProvider
Users that are interested in SimpleAmsiProvider are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Weaponizing CLRvoyance for Post-Ex .NET Execution☆38Jul 15, 2021Updated 4 years ago
- WinHTTP example☆17Feb 6, 2016Updated 10 years ago
- A tool to sync mythic events with ghostwriter oplog.☆14Nov 21, 2024Updated last year
- handle elevation using bedaisy.☆12Aug 17, 2020Updated 5 years ago
- Windows Kernel Driver dlls injector using APC☆66Aug 11, 2018Updated 7 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …☆113Apr 20, 2021Updated 5 years ago
- Random code snippets☆12Oct 27, 2023Updated 2 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection☆33Nov 14, 2020Updated 5 years ago
- Get a list of installed software in a safe manner☆11Aug 7, 2017Updated 8 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆38Jul 27, 2021Updated 4 years ago
- In 'n Out - See what goes in and comes out of PEs☆35May 12, 2022Updated 3 years ago
- Swift code to parse the quarantine history database, Chrome history database, Safari history database, and Firefox history database on ma…☆16Dec 3, 2020Updated 5 years ago
- Detour library (x64 and x86 compatible)☆14Dec 15, 2020Updated 5 years ago
- ☆13Dec 27, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- unit testing framework for C/C++☆10Mar 1, 2020Updated 6 years ago
- Assorted Cereals☆10Nov 13, 2021Updated 4 years ago
- Browser Vulnerability Exploit DB(浏览器漏洞PoC数据库)☆10Feb 7, 2017Updated 9 years ago
- VMDK Forensic Artifact Extractor (VFAE) is windows based tool written in C++ that extracts files with a known location from VMDK images r…☆17Aug 7, 2015Updated 10 years ago
- Easily serve HTTP and DNS keys for proper payload protection☆58Nov 10, 2018Updated 7 years ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree.☆14Jan 28, 2022Updated 4 years ago
- ☆49May 12, 2021Updated 4 years ago
- ☆23Oct 28, 2020Updated 5 years ago
- Assorted, MIT licensed, threat hunting rules from @bradleyjkemp☆14Mar 11, 2022Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Simple DLL and client app that work together to hook all the functions in WinHvPlatform.dll in order to provide logging and introspection…☆21Dec 1, 2021Updated 4 years ago
- Process hiding library☆19Feb 23, 2020Updated 6 years ago
- Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable …☆25Sep 18, 2017Updated 8 years ago
- Remote Thread Detection with a Kernel Driver☆35Jan 14, 2025Updated last year
- File system minifilter driver for Windows to block symbolic link attacks.☆51Dec 16, 2020Updated 5 years ago
- ☆15May 26, 2021Updated 4 years ago
- PoC memory injection detection agent based on ETW, for offensive and defensive research purposes☆299Apr 10, 2021Updated 5 years ago
- Run Processes as PPL with ELAM☆176Mar 17, 2022Updated 4 years ago
- JXA script for Mythic that prints the TCC.db☆15Apr 18, 2021Updated 5 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- BOF implementations of CVE-2024-26229 for Cobalt Strike and BruteRatel☆27Jun 13, 2024Updated last year
- Shellcode Of Death☆43Aug 31, 2013Updated 12 years ago
- WORK IN PROGRESS. RAT written in C++ using Win32 API☆20Sep 12, 2019Updated 6 years ago
- [POC Detected]Bypass BE Anti Dll Injection (POC/Need Driver)☆17Mar 30, 2020Updated 6 years ago
- Catalog Red Team techniques that cause popups in various macOS versions☆15Nov 18, 2024Updated last year
- Simple remote administration tool. Written in c++ and MASM.☆18May 16, 2018Updated 7 years ago
- Headers for linking your software with ntdll.dll☆15Nov 4, 2020Updated 5 years ago