plackyhacker / AMSI-Bypass
Another AMSI bypass - but in C++.
☆23Updated last year
Related projects ⓘ
Alternatives and complementary repositories for AMSI-Bypass
- A simple Nim stager (w/ fiber execution)☆16Updated 2 years ago
- Just another casual shellcode native loader☆24Updated 2 years ago
- Unused DLL hollowing PoC in Nim☆16Updated 2 years ago
- API Hammering with C++20☆34Updated 2 years ago
- C# project to Reflectively load .Net assemblies in memory☆17Updated 5 months ago
- A repository filled with ideas to break/detect direct syscall techniques☆26Updated 2 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆53Updated 2 years ago
- Execute shellcode with ZwCreateSection, ZwMapViewOfSection, ZwOpenProcess, ZwMapViewOfSection and ZwCreateThreadEx☆14Updated 3 years ago
- One gate to all syscalls!☆23Updated 2 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆32Updated 2 years ago
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆32Updated last year
- Run python from a single exe☆34Updated 2 years ago
- Remove API hooks from a Beacon process.☆12Updated 3 years ago
- A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/☆30Updated 8 months ago
- Beacon Object File implementation of Yaxser's Backstab☆14Updated 2 years ago
- Extension functionality for the NightHawk operator client☆26Updated last year
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆53Updated 2 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆25Updated 2 years ago
- ☆37Updated 3 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆92Updated 3 years ago
- A simple injector that uses LoadLibraryA☆16Updated 4 years ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆21Updated last year
- ☆26Updated 4 years ago
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration☆27Updated 3 years ago
- A more advanced free and open .NET obfuscator using dnlib.☆10Updated 2 years ago