pathtofile / SimpleAmsiProvider
A simple provider to analyse what gets passed into Microsoft's Anti-Malware Scan Interface
☆15Updated 5 years ago
Alternatives and similar repositories for SimpleAmsiProvider:
Users that are interested in SimpleAmsiProvider are comparing it to the libraries listed below
- A tool to create COM class/interface relationships in neo4j☆48Updated 2 years ago
- ☆31Updated 4 years ago
- ☆24Updated 3 years ago
- Experiments on the Windows Internals☆30Updated 5 years ago
- The repository accompanying the Buer Emulation workshop☆24Updated 3 years ago
- Self-Loading Registration Free COM Functions☆11Updated 5 years ago
- ☆16Updated 3 years ago
- Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.☆74Updated 5 years ago
- Tool to manage user privileges☆28Updated 5 years ago
- ☆11Updated 5 years ago
- ☆28Updated 7 years ago
- ☆21Updated 3 years ago
- ☆48Updated 3 years ago
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1☆53Updated 3 years ago
- A set of commands to bypass Defender (and some other AVs)☆20Updated 5 years ago
- POC code to crash Windows Event Logger Service☆26Updated 4 years ago
- Simple tool to use LsaManageSidNameMapping get LSA to add or remove SID to name mappings.☆23Updated 4 years ago
- ☆45Updated 6 years ago
- A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique☆51Updated 6 years ago
- A C port of b33f's UrbanBishop☆38Updated 4 years ago
- d☆13Updated last year
- ☆14Updated 4 years ago
- Antivirus Emulator Fingerprints☆28Updated 6 years ago
- C# code to run PIC using CreateThread☆17Updated 5 years ago
- (Sim)ulate (Ba)zar Loader☆29Updated 4 years ago
- Miscellaneous examples for use with Cobalt Strike Beacon☆10Updated 4 years ago
- ☆26Updated 6 years ago
- PoC code from blog☆16Updated 5 years ago
- ☆21Updated 4 years ago
- Python script to patch the reflective stub in a DLL☆24Updated 7 years ago