A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.
☆66 · Oct 17, 2023 · Updated 2 years ago
Alternatives and similar repositories for AmsiScanner
Users that are interested in AmsiScanner are comparing it to the libraries listed below
- Your NTDLL vaccine from modern direct syscall methods. ☆36 · Apr 5, 2022 · Updated 3 years ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials ☆61 · May 12, 2025 · Updated 9 months ago
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23 ☆23 · Jun 19, 2025 · Updated 8 months ago
- Execute Mimikatz with different technique ☆51 · Nov 8, 2021 · Updated 4 years ago
- A new AMSI Bypass technique using .NET ALI Call Hooking. ☆193 · Nov 15, 2022 · Updated 3 years ago
- Hookers are cooler than patches. ☆170 · Jan 21, 2022 · Updated 4 years ago
- Silent Cleanup UAC Bypass POC ☆11 · Dec 15, 2019 · Updated 6 years ago
- A Sigma based detection pipeline ☆13 · Dec 15, 2023 · Updated 2 years ago
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C# ☆66 · Aug 29, 2023 · Updated 2 years ago
- Do some DLL SideLoading magic ☆89 · Sep 20, 2023 · Updated 2 years ago
- A string obfuscator for .NET apps, built to evade static string analysis. ☆109 · Jan 3, 2023 · Updated 3 years ago
- Fully modular persistence framework ☆259 · Apr 10, 2023 · Updated 2 years ago
- Standalone Cobalt Strike operation logging Aggressor script for Ghostwriter 2.0+ ☆35 · Dec 1, 2025 · Updated 2 months ago
- BoobSnail allows generating Excel 4.0 XLM macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation. ☆258 · Mar 6, 2025 · Updated 11 months ago
- Cobalt Strike Aggressor Script that Performs System/AV/EDR Recon ☆342 · Jun 6, 2022 · Updated 3 years ago
- Kudzu is a Go C2 platform with an emphasis on extensibility. ☆11 · Mar 30, 2021 · Updated 4 years ago
- This script was developed to assist in SpearPhishing campaign during Red Team operations. It can be used to generate random name based o… ☆13 · Feb 6, 2023 · Updated 3 years ago
- C2 redirector as a web API ☆10 · May 22, 2021 · Updated 4 years ago
- Implementation of Indirect Syscall technique to pop a calc.exe ☆113 · Jan 25, 2024 · Updated 2 years ago
- Yet, Another Packer/Loader ☆25 · Feb 26, 2023 · Updated 3 years ago
- OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises. ☆89 · Mar 2, 2022 · Updated 3 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions ☆94 · Mar 8, 2023 · Updated 2 years ago
- Creation and removal of Defender path exclusions and exceptions in C#. ☆32 · Nov 1, 2023 · Updated 2 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft ☆145 · May 18, 2024 · Updated last year
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable ☆59 · Dec 15, 2023 · Updated 2 years ago
- Credential Guard Bypass Via Patching Wdigest Memory ☆335 · Feb 3, 2023 · Updated 3 years ago
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework. ☆307 · Dec 9, 2023 · Updated 2 years ago
- Hiding your infrastructure from the boys in blue. ☆23 · Oct 18, 2021 · Updated 4 years ago
- Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types ☆412 · Mar 21, 2025 · Updated 11 months ago
- Cobalt Strike Beacon Object File (BOF) that obtains SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknown object t… ☆13 · Feb 4, 2024 · Updated 2 years ago
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft ☆52 · May 16, 2024 · Updated last year
- Used to AES encrypt shellcode, can take password or use built in default should be used with Iron Injector to generate and execute shellc… ☆15 · Mar 18, 2022 · Updated 3 years ago
- A repository with my code snippets for research/education purposes. ☆53 · Jul 28, 2023 · Updated 2 years ago
- Quick python utility I wrote to turn HTTP requests from burp suite into Cobalt Strike Malleable C2 profiles ☆418 · Apr 6, 2023 · Updated 2 years ago
- Lifetime AMSI bypass ☆671 · Sep 26, 2023 · Updated 2 years ago
- A repository holding Proof of Concepts for executing the calculator application via different file formats ☆42 · Jun 27, 2024 · Updated last year