vulnableone / BypassX
The Swiss army knife of evasion tool that bypasses AMSI, Applocker, and CLM mode simultaneously.
☆27Updated last year
Alternatives and similar repositories for BypassX:
Users that are interested in BypassX are comparing it to the libraries listed below
- A python script that automates a C2 Profile build☆39Updated 3 weeks ago
- Windows Thread Pool Injection Havoc Implementation☆28Updated last year
- Brief writeup of post exploitation methodologies.☆18Updated last year
- Impersonate Tokens using only NTAPI functions☆61Updated 2 weeks ago
- Situational Awareness script to identify how and where to run implants☆50Updated 4 months ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆112Updated 3 weeks ago
- Automatically extract and decrypt all configured scanning credentials of a Lansweeper instance.☆37Updated 4 months ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆38Updated 9 months ago
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆74Updated last month
- Construct the payload at runtime using an array of offsets☆63Updated 10 months ago
- ☆54Updated 2 months ago
- 🧠 The ultimate, community-curated resource for Beacon Object Files (BOFs) — tutorials, how-tos, deep dives, and reference materials.☆38Updated this week
- Two in one, patch lifetime powershell console, no more etw and amsi!☆88Updated 9 months ago
- ☆54Updated 6 months ago
- Cortex EDR Ransomware protection Bypass☆21Updated 2 months ago
- Sniffing files generator☆54Updated last month
- Adversary Emulation Framework☆98Updated 9 months ago
- ☆41Updated 2 weeks ago
- Lateral Movement via the .NET Profiler☆81Updated 5 months ago
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆113Updated 11 months ago
- A Python based tool to convert custom queries from Legacy BloodHound to BloodHound CE format, with the option to directly upload them to …☆25Updated 3 months ago
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆40Updated 10 months ago
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆48Updated 11 months ago
- Lifetime AMSI bypass.☆35Updated 9 months ago
- An impacket-lite cli tool that combines many useful impacket functions using a single session.☆47Updated 2 months ago
- Dumping LSASS Evaded Endpoint Security Solutions☆12Updated 2 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆74Updated 8 months ago
- Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe☆13Updated last year
- Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆15Updated 2 years ago
- a port of privkit bof for havoc☆23Updated last year