Alternatives and similar repositories for AmsiBypass-OpenSession:

Users that are interested in AmsiBypass-OpenSession are comparing it to the libraries listed below

• LuemmelSec / ntlmrelayx.py_to_exe
  ☆79Updated last year
• rasta-mouse / SCMUACBypass
  ☆96Updated last year
• werdhaihai / SharpAltShellCodeExec
  Alternative Shellcode Execution Via Callbacks in C# with P/Invoke
  ☆76Updated 2 years ago
• LudovicPatho / CVE-2022-26923_AD-Certificate-Services
  The vulnerability allowed a low-privileged user to escalate privileges to domain administrator in a default Active Directory environment …
  ☆44Updated 2 years ago
• RayRRT / Active-Directory-Certificate-Services-abuse
  ☆48Updated 2 years ago
• sfewer-r7 / CVE-2023-27532
  Exploit for CVE-2023-27532 against Veeam Backup & Replication
  ☆108Updated last year
• kymb0 / Stealth_shellcode_runners
  ☆55Updated 11 months ago
• ananth-she11z / AutoSQL
  A tool to enumerate and exploit SQL Servers in AD
  ☆34Updated last year
• WKL-Sec / Winsocky
  Winsocket for Cobalt Strike.
  ☆97Updated last year
• horizon3ai / backup_dc_registry
  A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY
  ☆80Updated 3 years ago
• susMdT / SharpAgent
  C# havoc implant
  ☆98Updated 2 years ago
• PhrozenIO / SharpFtpC2
  A Streamlined FTP-Driven Command and Control Conduit for Interconnecting Remote Systems.
  ☆87Updated last year
• mertdas / SharpLateral
  Lateral Movement
  ☆123Updated last year
• weaselsec / GodPotato-Aggressor-Script
  ☆85Updated last year
• dmcxblue / SharpBlackout
  Terminate AV/EDR leveraging BYOVD attack
  ☆80Updated last year
• OG-Sadpanda / SharpSword
  Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly
  ☆118Updated 5 months ago
• foxlox / hypobrychium
  Duplicate not owned Token from Running Process
  ☆72Updated last year
• ewby / Mockingjay_BOF
  Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
  ☆149Updated last year
• smokeintheshell / CVE-2023-20198
  CVE-2023-20198 Exploit PoC
  ☆44Updated last year
• Tw1sm / SQL-BOF
  Library of BOFs to interact with SQL servers
  ☆160Updated 3 months ago
• v1k1ngfr / fuegoshell
  Fuegoshell is a powershell oneliner generator for Windows remote shell re-using TCP 445
  ☆42Updated 10 months ago
• sliverarmory / hashdump
  Dump Windows SAM hashes
  ☆41Updated last year
• ScriptIdiot / BOF-patchit
  An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are a…
  ☆129Updated 2 years ago
• G0ldenGunSec / GetWebDAVStatus
  Determine if the WebClient Service (WebDAV) is running on a remote system
  ☆127Updated last year
• x4sh3s / AMSI_Lines
  Bypass AMSI By Dividing files into multiple smaller files
  ☆45Updated 2 years ago
• e1abrador / Crackmapexec-custom-modules
  Crackmapexec custom scripts used in my internal pentests.
  ☆25Updated last year
• RikunjSindhwad / MSSQL-Attacker
  MSSQL Database Attacker tool
  ☆191Updated 2 years ago
• xenoscr / SysWhispers2
  AV/EDR evasion via direct system calls.
  ☆107Updated last year
• Sq00ky / RunAsPasswd
  A RunAs clone with the ability to specify the password as an argument.
  ☆111Updated last year