Walking the PEB in VBA
☆24Apr 6, 2020Updated 6 years ago
Alternatives and similar repositories for AmsiPEBWalkVBA
Users that are interested in AmsiPEBWalkVBA are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆16Apr 14, 2020Updated 6 years ago
- Bypass AMSI and Defender using Ordinal Values☆41Apr 15, 2020Updated 6 years ago
- ☆19Nov 26, 2020Updated 5 years ago
- Kibana app for RedELK☆18Mar 19, 2023Updated 3 years ago
- ☆31Aug 23, 2020Updated 5 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Inject Encrypted Commands Into EMF Shapes for C2 In VBA / Office Malware☆39Jul 10, 2020Updated 5 years ago
- A small .NET compression utility☆58Feb 2, 2022Updated 4 years ago
- AMSI Bypass Via the Heap☆107Nov 20, 2020Updated 5 years ago
- An injector that aims to be stealthy by using non suspicious API calls. Inspired by (https://github.com/FuzzySecurity/Sharp-Suite/tree/ma…☆24Jun 17, 2020Updated 5 years ago
- AmsiHook is a project I created to figure out a bypass to AMSI via function hooking.☆67Jun 14, 2020Updated 5 years ago
- A project to replicate the functionality of Noah Powers' ServerSetup script, but with error handling and fixed Namecheap API support.☆33Oct 1, 2021Updated 4 years ago
- Call your own DLL from VBA and execute code under process svchost.exe with WMI☆12Mar 6, 2020Updated 6 years ago
- Fake SMB and SAMR data☆11Oct 27, 2019Updated 6 years ago
- ☆13Jul 30, 2021Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Protect your servers with a secret header☆29Jun 12, 2020Updated 5 years ago
- A PowerShell script to prevent Sysmon from writing its events☆17Apr 23, 2020Updated 5 years ago
- Automate AV evasion by calling AMSI☆88May 31, 2023Updated 2 years ago
- .Net Assembly to block ETW telemetry in current process☆81May 14, 2020Updated 5 years ago
- Microsoft Applocker evasion tool☆39Nov 26, 2019Updated 6 years ago
- A small POC of using Azure Functions to relay communications. Feel free to add additional functionality beyond this POC!☆80Mar 30, 2023Updated 3 years ago
- Run shellcode from resource☆259Dec 13, 2020Updated 5 years ago
- Remote code execution in Power Platform connectors via JSON deserialization☆23Mar 30, 2023Updated 3 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆219Mar 5, 2020Updated 6 years ago
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- A simple proof of concept for detecting use of Cobalt Strike's execute-assembly☆59Apr 1, 2022Updated 4 years ago
- ☆38Mar 4, 2020Updated 6 years ago
- C# code to run PIC using CreateThread☆17Apr 19, 2019Updated 6 years ago
- A Canary which fires when uninstalled☆34Mar 16, 2021Updated 5 years ago
- Scripts to automate standing up apache2 with mod_rewrite in front of C2 servers.☆47Feb 17, 2021Updated 5 years ago
- A cloud automation system for Red Teams based on Terraform and Ansible☆25Apr 21, 2021Updated 4 years ago
- Spray a hash via smb to check for local administrator access☆142Feb 7, 2021Updated 5 years ago
- Extended Process List (Search functionality)☆29Jan 23, 2021Updated 5 years ago
- Capture screenshots from .NET using .NET methods or Windows API calls☆66Mar 9, 2020Updated 6 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆14Jan 15, 2025Updated last year
- Standalone version of my AES Powershell payload for Cobalt Strike.☆111Dec 27, 2019Updated 6 years ago
- Remote Thread Injection by C# + Delegate Techniques☆12Jun 6, 2023Updated 2 years ago
- D/Invoke port of UrbanBishop☆108Jul 19, 2020Updated 5 years ago
- Using outlook COM objects to create convincing phishing emails without the user noticing. This project is meant for internal phishing.☆155Dec 22, 2020Updated 5 years ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆166May 27, 2020Updated 5 years ago
- Python api for usage with cobalt strike's External C2 specification☆72Feb 15, 2018Updated 8 years ago