Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.
☆49Dec 31, 2021Updated 4 years ago
Alternatives and similar repositories for injectAmsiBypass
Users that are interested in injectAmsiBypass are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆30Dec 31, 2021Updated 4 years ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆87Mar 22, 2023Updated 3 years ago
- ☆177Mar 27, 2023Updated 3 years ago
- Beacon Object File implementation of Event Viewer deserialization UAC bypass☆133May 6, 2022Updated 4 years ago
- CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…☆242Jan 4, 2023Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- golang rpc框架,支持数据加密传输☆13Updated this week
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆300Sep 28, 2021Updated 4 years ago
- Code with Windows Hacker☆12Oct 14, 2022Updated 3 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆141Sep 12, 2022Updated 3 years ago
- It stinks☆103Apr 22, 2022Updated 4 years ago
- A collection of Cobalt Strike Malleable C2 profiles☆36Oct 13, 2020Updated 5 years ago
- ☆164Apr 25, 2022Updated 4 years ago
- Its a coff loader ported to go( Modified by TimWhite )☆26Jul 17, 2023Updated 2 years ago
- A simple program to hook the current process to identify the manual syscall executions on windows☆268Nov 18, 2022Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Beacon Object File implementation of pwn1sher's KillDefender☆67Jun 28, 2022Updated 3 years ago
- A BOF to determine Windows Defender exclusions.☆255Jun 25, 2023Updated 2 years ago
- In-memory token vault BOF for Cobalt Strike☆150Aug 18, 2022Updated 3 years ago
- Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…☆323Aug 2, 2023Updated 2 years ago
- COFF and BOF Loader written in Nim☆174Apr 4, 2026Updated last month
- Source Code Management Attack Toolkit☆13Aug 1, 2022Updated 3 years ago
- Nim version of MDSec's Parallel Syscall PoC☆124Apr 4, 2026Updated last month
- use shellcode as asm function☆23Mar 29, 2022Updated 4 years ago
- ☆131Jun 28, 2023Updated 2 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆220Jul 14, 2021Updated 4 years ago
- Csharp 反射加载dll☆41Aug 8, 2021Updated 4 years ago
- BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released a…☆399Jan 9, 2024Updated 2 years ago
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆287Jun 8, 2023Updated 2 years ago
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆37Dec 7, 2025Updated 5 months ago
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆378May 24, 2022Updated 3 years ago
- miscellaneous scripts and programs☆282Jan 23, 2025Updated last year
- Slide decks and/or materials from conference presentations☆56Nov 15, 2022Updated 3 years ago
- Beacon Object File PoC implementation of KillDefender☆235Apr 12, 2022Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Beacon.dll reverse☆141Sep 5, 2021Updated 4 years ago
- Writeup of Payload Techniques in C involving Mutants, Session 1 -> Session 0 migration, and Self-Deletion of payloads.☆129Apr 24, 2022Updated 4 years ago
- A PoC implementation for dynamically masking call stacks with timers.☆310Feb 13, 2023Updated 3 years ago
- 针对kubernetes中的RBAC可能被攻击检测工具。Detection tool for possible attacks on RBAC in kubernetes.☆25Jan 4, 2024Updated 2 years ago
- A simple BOF that frees UDRLs☆122May 29, 2022Updated 3 years ago
- Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…☆469Mar 8, 2023Updated 3 years ago
- 替代PrintBug用于本地提权的新方式,主要利用MS-EFSR协议中的接口函数 借鉴了Potitpotam中对于EFSR协议的利用,实现了本地提权的一系列方式 Drawing on the use of the EFSR protocol in Potitpotam, …☆150Mar 13, 2022Updated 4 years ago