vulnableone / BypassXLinks
The Swiss army knife of evasion tool that bypasses AMSI, Applocker, and CLM mode simultaneously.
☆27Updated last year
Alternatives and similar repositories for BypassX
Users that are interested in BypassX are comparing it to the libraries listed below
Sorting:
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆51Updated last year
- Windows Thread Pool Injection Havoc Implementation☆32Updated last year
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆98Updated last year
- WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"☆119Updated last year
- Mockingjay process self injection POC☆39Updated 2 years ago
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆116Updated last year
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆111Updated last month
- ☆133Updated 6 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆97Updated 4 months ago
- ☆157Updated 8 months ago
- Impersonate Tokens using only NTAPI functions☆79Updated 4 months ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Updated last year
- Bypass user-land hooks by syscall tampering via the Trap Flag☆22Updated last week
- Find DLLs with RWX section☆81Updated 2 years ago
- Code execution/injection technique using DLL PEB module structure manipulation☆163Updated 2 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆77Updated last year
- Adversary Emulation Framework☆122Updated last month
- ☆130Updated 5 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆47Updated last year
- A python script that automates a C2 Profile build☆43Updated 5 months ago
- A Mythic Agent written in PIC C.☆199Updated 6 months ago
- ☆152Updated last year
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Updated 5 months ago
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆79Updated 5 months ago
- ☆110Updated 6 months ago
- Do some DLL SideLoading magic☆86Updated last year
- ☆112Updated 9 months ago
- A tool to modify SCCM remote control settings on the client machine, enabling remote control without permission prompts or notifications.…☆95Updated 10 months ago
- This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…☆49Updated 3 months ago
- A small How-To on creating your own weaponized WSL file☆113Updated last month