Walking the PEB in VBA
☆24Apr 6, 2020Updated 6 years ago
Alternatives and similar repositories for AmsiPEBWalkVBA
Users that are interested in AmsiPEBWalkVBA are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆16Apr 14, 2020Updated 6 years ago
- Bypass AMSI and Defender using Ordinal Values☆41Apr 15, 2020Updated 6 years ago
- ☆19Nov 26, 2020Updated 5 years ago
- Kibana app for RedELK☆18Mar 19, 2023Updated 3 years ago
- ☆31Aug 23, 2020Updated 5 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Inject Encrypted Commands Into EMF Shapes for C2 In VBA / Office Malware☆39Jul 10, 2020Updated 5 years ago
- A small .NET compression utility☆58Feb 2, 2022Updated 4 years ago
- AMSI Bypass Via the Heap☆107Nov 20, 2020Updated 5 years ago
- An injector that aims to be stealthy by using non suspicious API calls. Inspired by (https://github.com/FuzzySecurity/Sharp-Suite/tree/ma…☆24Jun 17, 2020Updated 5 years ago
- AmsiHook is a project I created to figure out a bypass to AMSI via function hooking.☆68Jun 14, 2020Updated 5 years ago
- A project to replicate the functionality of Noah Powers' ServerSetup script, but with error handling and fixed Namecheap API support.☆33Oct 1, 2021Updated 4 years ago
- Call your own DLL from VBA and execute code under process svchost.exe with WMI☆12Mar 6, 2020Updated 6 years ago
- Fake SMB and SAMR data☆11Oct 27, 2019Updated 6 years ago
- ☆13Jul 30, 2021Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Protect your servers with a secret header☆29Jun 12, 2020Updated 5 years ago
- A PowerShell script to prevent Sysmon from writing its events☆17Apr 23, 2020Updated 6 years ago
- Automate AV evasion by calling AMSI☆88May 31, 2023Updated 2 years ago
- .Net Assembly to block ETW telemetry in current process��☆81May 14, 2020Updated 6 years ago
- Microsoft Applocker evasion tool☆39Nov 26, 2019Updated 6 years ago
- A small POC of using Azure Functions to relay communications. Feel free to add additional functionality beyond this POC!☆80Mar 30, 2023Updated 3 years ago
- Run shellcode from resource☆257Dec 13, 2020Updated 5 years ago
- Remote code execution in Power Platform connectors via JSON deserialization☆23Mar 30, 2023Updated 3 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆219Mar 5, 2020Updated 6 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A simple proof of concept for detecting use of Cobalt Strike's execute-assembly☆59Apr 1, 2022Updated 4 years ago
- ☆38Mar 4, 2020Updated 6 years ago
- C# code to run PIC using CreateThread☆17Apr 19, 2019Updated 7 years ago
- DEFCON 27 slides and workshop materials.☆127Jun 29, 2020Updated 5 years ago
- A Canary which fires when uninstalled☆34Mar 16, 2021Updated 5 years ago
- Scripts to automate standing up apache2 with mod_rewrite in front of C2 servers.☆47Feb 17, 2021Updated 5 years ago
- A cloud automation system for Red Teams based on Terraform and Ansible☆24Apr 21, 2021Updated 5 years ago
- Spray a hash via smb to check for local administrator access☆142Feb 7, 2021Updated 5 years ago
- Extended Process List (Search functionality)☆29Jan 23, 2021Updated 5 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Capture screenshots from .NET using .NET methods or Windows API calls☆66Mar 9, 2020Updated 6 years ago
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆14Jan 15, 2025Updated last year
- Standalone version of my AES Powershell payload for Cobalt Strike.☆111Dec 27, 2019Updated 6 years ago
- Remote Thread Injection by C# + Delegate Techniques☆12Jun 6, 2023Updated 2 years ago
- D/Invoke port of UrbanBishop☆108Jul 19, 2020Updated 5 years ago
- Security Related Tools and Resources☆16Aug 10, 2017Updated 8 years ago
- Using outlook COM objects to create convincing phishing emails without the user noticing. This project is meant for internal phishing.☆155Dec 22, 2020Updated 5 years ago