The Hunt for Malicious Strings
☆13Oct 8, 2020Updated 5 years ago
Alternatives and similar repositories for AMSITrigger
Users that are interested in AMSITrigger are comparing it to the libraries listed below
Sorting:
- Remote Desktop Protocol .NET Console Application for Authenticated Command Execution☆12Jan 21, 2020Updated 6 years ago
- Covenant is a collaborative .NET C2 framework for red teamers.☆13Jul 15, 2022Updated 3 years ago
- Collection of Offensive C# Tooling☆13Nov 4, 2021Updated 4 years ago
- Run commands over RDP on massive number of hosts☆11Nov 26, 2018Updated 7 years ago
- C# Codedom example / builder☆24Mar 8, 2020Updated 5 years ago
- Used to AES encrypt shellcode, can take password or use built in default should be used with Iron Injector to generate and execute shellc…☆15Mar 18, 2022Updated 3 years ago
- Example of async client/server sockets in .NET 5☆17Jun 9, 2021Updated 4 years ago
- Putting the C2 in C2loudflare☆18Jun 28, 2024Updated last year
- Rasta's mouse AMSI patch but with function that makes it undetectable.☆14Apr 21, 2021Updated 4 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆41Dec 31, 2020Updated 5 years ago
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23☆23Jun 19, 2025Updated 8 months ago
- ☆20Mar 21, 2024Updated last year
- Proof-of-Concept to evade auditd by writing /proc/PID/mem☆24Aug 21, 2023Updated 2 years ago
- Active Directory Group Policy analyzer☆18Sep 20, 2019Updated 6 years ago
- Passworld is a fully customizable wordlist generator☆16Sep 13, 2024Updated last year
- using VBS to download and install a powershell malware☆39Jun 28, 2019Updated 6 years ago
- Quick script to find info about a syscall in a target architecture☆18Jan 8, 2020Updated 6 years ago
- Playing with packets in C#☆15Aug 16, 2024Updated last year
- Simple way to read wirte delete values from registry☆18Jun 24, 2019Updated 6 years ago
- A tool implementing process hollowing making your PE polymorphic☆16Aug 11, 2020Updated 5 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆17Sep 29, 2018Updated 7 years ago
- A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro…☆19Nov 20, 2020Updated 5 years ago
- A Simple AES Command Line Crypter☆39Jan 19, 2023Updated 3 years ago
- A lightweight red teaming platform utilizing concurrent nmap scans to populate a collaborative web server.☆23Feb 22, 2026Updated last week
- ☆24Jun 9, 2024Updated last year
- Reflective DLL self-loading as a library☆21May 3, 2025Updated 10 months ago
- Infects PE files with a shellcode☆22Oct 20, 2018Updated 7 years ago
- DarkRat source - beware untested source and resources.☆21Dec 7, 2019Updated 6 years ago
- Process Dumper written entirely in VBA.☆25Feb 13, 2021Updated 5 years ago
- Rubber Ducky powered by NeoKey☆29Jun 3, 2024Updated last year
- Obtains a crackable hash for the current user account☆23Feb 3, 2019Updated 7 years ago
- Injecting shellcode into a process memory and executing it in C#☆52Oct 2, 2022Updated 3 years ago
- ☆11Feb 14, 2023Updated 3 years ago
- Simple class to search and upload files☆28Aug 13, 2019Updated 6 years ago
- Sample configuration to include as an Asterisk configuration to supplement automated caller ID spoofing capabilities.☆27Sep 20, 2020Updated 5 years ago
- DarkRats Standalone HVNC☆25May 20, 2022Updated 3 years ago
- A basic .NET obfuscator uses dnlib, Modded KoiVM on decryption methods. Not stable for now, works on "crack me" executables.☆28Oct 24, 2021Updated 4 years ago
- Lifetime AMSI bypass.☆36Apr 21, 2025Updated 10 months ago
- Download a .NET payload and run it on memory☆70Apr 12, 2019Updated 6 years ago