Bypass AMSI and Defender using Ordinal Values
☆41Apr 15, 2020Updated 5 years ago
Alternatives and similar repositories for AMSI_Ordinal_Bypass
Users that are interested in AMSI_Ordinal_Bypass are comparing it to the libraries listed below
Sorting:
- A repo to hold any bypasses I work on/study/whatever☆19Dec 30, 2020Updated 5 years ago
- Walking the PEB in VBA☆24Apr 6, 2020Updated 5 years ago
- when pass change ,send the pass to remote host☆20Jan 19, 2020Updated 6 years ago
- Automation Capable Multi Search 64 Bit Windows Memory Scanner☆28Apr 7, 2021Updated 4 years ago
- .Net Assembly to block ETW telemetry in current process☆81May 14, 2020Updated 5 years ago
- AMSI Bypass Via the Heap☆107Nov 20, 2020Updated 5 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆219Mar 5, 2020Updated 6 years ago
- ☆73Oct 24, 2021Updated 4 years ago
- Managed assembly shellcode generation☆280Mar 19, 2021Updated 4 years ago
- Privesc through import of Sheduled tasks + Hardlinks - CVE-2019-1069☆37Jun 26, 2019Updated 6 years ago
- ☆37Aug 18, 2019Updated 6 years ago
- Runpe + DInvoke + Syscall☆16Jun 18, 2021Updated 4 years ago
- ☆50Sep 11, 2019Updated 6 years ago
- This tool allows you to stealthily inject a DLL into a process.☆14Jul 11, 2015Updated 10 years ago
- Project to use Golang inside C#☆80Jun 5, 2020Updated 5 years ago
- Load C# Code straight to memory☆56May 14, 2020Updated 5 years ago
- Simple EDR implementation to demonstrate bypass☆181May 27, 2020Updated 5 years ago
- This tool enables the compilation of a C# program that will execute arbitrary PowerShell code, without launching PowerShell processes thr…☆196Jul 26, 2020Updated 5 years ago
- Windows log and threat hunting with powershell☆16Dec 11, 2020Updated 5 years ago
- ☆48Nov 18, 2020Updated 5 years ago
- Remote PE reflective injection with a simple reflective loader☆32Jun 28, 2019Updated 6 years ago
- An example of a downloader written in NodeJS.☆24Apr 17, 2021Updated 4 years ago
- A simplified version of DotNetToJScript to create a JScript file which loads a .NET v2 assembly from memory.☆46Mar 1, 2021Updated 5 years ago
- AmsiHook is a project I created to figure out a bypass to AMSI via function hooking.☆67Jun 14, 2020Updated 5 years ago
- This tool is designed to simplify and automate the extraction and organization of useful data from Cobalt Strike logs.☆18Apr 24, 2019Updated 6 years ago
- A simple script to generate JScript code for calling Win32 API functions using XLM/Excel 4.0 macros via Excel.Application "ExecuteExcel4M…☆91Nov 9, 2019Updated 6 years ago
- Non organized Cpp code files I used for my research on Windows☆28Aug 9, 2020Updated 5 years ago
- Constrained Language Mode + AMSI bypass all in one☆156Jul 29, 2019Updated 6 years ago
- C# Shellcode Runner to execute shellcode via CreateRemoteThread and SetThreadContext to evade Get-InjectedThread☆119Apr 9, 2019Updated 6 years ago
- Bypass AMSI and Executing PowerShell scripts from C# - using CyberArk's method to bypass AMSI☆31Feb 22, 2020Updated 6 years ago
- CVE-2020-10199 CVE-2020-10204 Python POC☆19Apr 7, 2020Updated 5 years ago
- Aggressor Script to Execute Assemblies from Github☆71Nov 30, 2020Updated 5 years ago
- A Control Panel Applet dropper project. It has a high success rate on engagements since nobody cares about .CPL files and you can just do…☆53May 31, 2018Updated 7 years ago
- A meterpreter extension for applying hooks to avoid windows defender memory scans☆249Aug 13, 2020Updated 5 years ago
- Reflectively load PE☆106Aug 4, 2020Updated 5 years ago
- A quick tool for hiding a new process running shellcode.☆57Jun 10, 2020Updated 5 years ago
- ☆26Mar 10, 2022Updated 3 years ago
- subTee gists code backups☆37Dec 19, 2017Updated 8 years ago
- Abusing Exchange via EWS☆152Sep 14, 2020Updated 5 years ago