AmsiHook is a project I created to figure out a bypass to AMSI via function hooking.
☆67Jun 14, 2020Updated 5 years ago
Alternatives and similar repositories for AmsiHook
Users that are interested in AmsiHook are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A simple injector that uses LoadLibraryA☆18Jun 14, 2020Updated 5 years ago
- Walking the PEB in VBA☆24Apr 6, 2020Updated 5 years ago
- I used this to see if an EDR is running in Safe Mode☆36Feb 13, 2021Updated 5 years ago
- LoadLibrary for offensive operations☆33Dec 14, 2021Updated 4 years ago
- AmsiScanBufferBypass using D/Invoke☆136Jun 17, 2021Updated 4 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- RDPThief donut shellcode inject into mstsc☆88May 24, 2021Updated 4 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆219Mar 5, 2020Updated 6 years ago
- leaking net-ntlm with webdav☆26Feb 23, 2021Updated 5 years ago
- Loads shellcode from a resource file.☆22Aug 15, 2019Updated 6 years ago
- Sleep Obfuscation☆45Oct 13, 2022Updated 3 years ago
- D/Invoke port of UrbanBishop☆108Jul 19, 2020Updated 5 years ago
- Bypass AMSI and Defender using Ordinal Values☆41Apr 15, 2020Updated 5 years ago
- UnhookMe is an universal Windows API resolver & unhooker addressing problem of invoking unmonitored system calls from within of your Red …☆349Jul 3, 2022Updated 3 years ago
- nuke that event log using some epic dinvoke fu☆118May 12, 2021Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Shellcode runner in GO that incorporates shellcode encryption, remote process injection, block dlls, and spoofed parent process☆230Jul 30, 2020Updated 5 years ago
- Injects shellcode into remote processes using direct syscalls☆77Dec 30, 2020Updated 5 years ago
- Reflective DLL loading of your favorite Golang program☆173Jan 27, 2020Updated 6 years ago
- ☆39May 20, 2023Updated 2 years ago
- Hookers are cooler than patches.☆170Jan 21, 2022Updated 4 years ago
- Patch AMSI and ETW☆250May 8, 2024Updated last year
- ☆21Jan 28, 2020Updated 6 years ago
- inject shellcode into remote process via message hook☆15Oct 28, 2020Updated 5 years ago
- ☆50May 12, 2021Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- C# PoC implementation for bypassing AMSI via in memory patching☆66Jul 20, 2020Updated 5 years ago
- Red Team oriented C# Simple HTTP & WebDAV Server with Net-NTLM hashes capture functionality☆287Jun 26, 2023Updated 2 years ago
- autocrack adds queue support for hashcat cracking.☆41Mar 16, 2023Updated 3 years ago
- BoobSnail allows generating Excel 4.0 XLM macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation.☆258Mar 6, 2025Updated last year
- AMSI Bypass Via the Heap☆107Nov 20, 2020Updated 5 years ago
- C# version of MDSec's ParallelSyscalls☆142Jan 9, 2022Updated 4 years ago
- Collection of CobaltStrike beacon object files☆105Feb 14, 2022Updated 4 years ago
- A repo to hold any bypasses I work on/study/whatever☆19Dec 30, 2020Updated 5 years ago
- Unchain AMSI by patching the provider’s unmonitored memory space☆91Nov 24, 2022Updated 3 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Shellcode antivirus evasion framework☆27Jan 16, 2021Updated 5 years ago
- ☆153Jan 6, 2023Updated 3 years ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects☆251Sep 26, 2020Updated 5 years ago
- Tool for interacting with outlook interop during red team engagements☆146Jun 29, 2021Updated 4 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆17Sep 29, 2018Updated 7 years ago
- A simple COM server which provides a component to run shellcode☆148May 12, 2020Updated 5 years ago
- adding a backdooruser using win32api☆80Sep 3, 2020Updated 5 years ago