The Hunt for Malicious Strings
☆13Oct 8, 2020Updated 5 years ago
Alternatives and similar repositories for AMSITrigger
Users that are interested in AMSITrigger are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Remote Desktop Protocol .NET Console Application for Authenticated Command Execution☆12Jan 21, 2020Updated 6 years ago
- Covenant is a collaborative .NET C2 framework for red teamers.☆13Jul 15, 2022Updated 3 years ago
- Collection of Offensive C# Tooling☆13Nov 4, 2021Updated 4 years ago
- Rasta's mouse AMSI patch but with function that makes it undetectable.☆14Apr 21, 2021Updated 4 years ago
- Active Directory Group Policy analyzer☆18Sep 20, 2019Updated 6 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆41Dec 31, 2020Updated 5 years ago
- Used to AES encrypt shellcode, can take password or use built in default should be used with Iron Injector to generate and execute shellc…☆15Mar 18, 2022Updated 4 years ago
- C# Codedom example / builder☆24Mar 8, 2020Updated 6 years ago
- A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro…☆19Nov 20, 2020Updated 5 years ago
- A lightweight red teaming platform utilizing concurrent nmap scans to populate a collaborative web server.☆23Feb 22, 2026Updated last month
- Example of async client/server sockets in .NET 5☆17Jun 9, 2021Updated 4 years ago
- Run commands over RDP on massive number of hosts☆11Nov 26, 2018Updated 7 years ago
- using VBS to download and install a powershell malware☆39Jun 28, 2019Updated 6 years ago
- Playing with packets in C#☆15Aug 16, 2024Updated last year
- A tool implementing process hollowing making your PE polymorphic☆16Aug 11, 2020Updated 5 years ago
- Infects PE files with a shellcode☆22Oct 20, 2018Updated 7 years ago
- PoC: process watcher patterns to make killing a process hard.☆11Aug 1, 2018Updated 7 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆17Sep 29, 2018Updated 7 years ago
- Surgical python tool to assist in LFI discovery☆13Sep 2, 2018Updated 7 years ago
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23☆23Jun 19, 2025Updated 9 months ago
- Quick script to find info about a syscall in a target architecture☆18Jan 8, 2020Updated 6 years ago
- DarkRat source - beware untested source and resources.☆21Dec 7, 2019Updated 6 years ago
- Putting the C2 in C2loudflare☆18Jun 28, 2024Updated last year
- ☆30Jul 1, 2025Updated 8 months ago
- A basic .NET obfuscator uses dnlib, Modded KoiVM on decryption methods. Not stable for now, works on "crack me" executables.☆28Oct 24, 2021Updated 4 years ago
- Execute SQL on CSV files☆18Jul 16, 2022Updated 3 years ago
- Windows hidden thread suspend POC with code injection☆12May 27, 2017Updated 8 years ago
- ☆20Mar 21, 2024Updated 2 years ago
- morphHTA - Morphing Cobalt Strike's evil.HTA☆10Jun 3, 2017Updated 8 years ago
- Simple way to read wirte delete values from registry☆18Jun 24, 2019Updated 6 years ago
- Proof-of-Concept to evade auditd by writing /proc/PID/mem☆24Aug 21, 2023Updated 2 years ago
- Download payload to disk and install it to startup then melt.☆35Apr 9, 2019Updated 6 years ago
- Windows Internals Book 7th edition Tools☆17Apr 26, 2020Updated 5 years ago
- Obtains a crackable hash for the current user account☆23Feb 3, 2019Updated 7 years ago
- A malicious KeePass plugin to exfiltrate the master key.☆15Oct 25, 2021Updated 4 years ago
- Loading unmanaged dll (32 and 64bits) in managed exe☆11Dec 12, 2020Updated 5 years ago
- shell sql for fun☆45Dec 20, 2025Updated 3 months ago
- A ton of helpful tools☆15Jul 31, 2016Updated 9 years ago
- A custom run space to bypass AMSI and Constrained Language mode in PowerShell.☆21May 17, 2023Updated 2 years ago