two06 / AMSI_HandlerLinks
Automate AV evasion by calling AMSI
☆86Updated 2 years ago
Alternatives and similar repositories for AMSI_Handler
Users that are interested in AMSI_Handler are comparing it to the libraries listed below
Sorting:
- ReaCOM has got a lot of tools to use and is related to component object model☆74Updated 5 years ago
- Inject .Net payloads into other .Net assemblies on disk☆61Updated 5 years ago
- Initial Commit of Coresploit☆57Updated 3 years ago
- ☆69Updated 6 years ago
- Privesc through import of Sheduled tasks + Hardlinks - CVE-2019-1069☆37Updated 6 years ago
- A C# DLL to Dump LSA Secrets☆58Updated 7 years ago
- few months old but better than nothing☆58Updated 3 years ago
- ☆94Updated 6 years ago
- A C# tool for enumerating remote access policies through group policy.☆73Updated 6 years ago
- ☆54Updated 6 years ago
- Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.☆77Updated 5 years ago
- ☆42Updated 6 years ago
- .NET tool for enumeration processes and dumping memory.☆57Updated 6 years ago
- C++ POC code for the wlbsctrl.dll hijack on IKEEXT☆54Updated 6 years ago
- Credential Dumper☆78Updated 5 years ago
- Convert Empire profiles to Apache mod_rewrite scripts☆28Updated 6 years ago
- Experiments on the Windows Internals☆30Updated 6 years ago
- Extract all IP of a computer using DCOM without authentication (aka detect network used for administration)☆26Updated 5 years ago
- ☆43Updated 6 years ago
- ☆45Updated 7 years ago
- External C2 Using IE COM Objects☆101Updated 6 years ago
- Python 3 server used to control SK8RAT implant☆36Updated 4 years ago
- ☆54Updated 7 years ago
- POC code to crash Windows Event Logger Service☆27Updated 4 years ago
- BlueKeep powershell scanner (based on c# code)☆39Updated 5 years ago
- ☆37Updated 6 years ago
- InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core v6.0.0 with key security features…☆32Updated 7 years ago
- Microsoft Applocker evasion tool☆39Updated 5 years ago
- Tool for injecting a "TCP Relay" managed assembly into an unmanaged process☆65Updated 6 years ago
- adding a backdooruser using win32api☆80Updated 5 years ago