whydee86 / SnD_AMSILinks
Start new PowerShell without etw and amsi in pure nim
☆156Updated 3 years ago
Alternatives and similar repositories for SnD_AMSI
Users that are interested in SnD_AMSI are comparing it to the libraries listed below
Sorting:
- UI for creating LNKs☆105Updated 4 years ago
- Koppeling x Metatwin x LazySign☆215Updated 4 years ago
- ☆142Updated 3 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆247Updated 4 years ago
- Modular C# framework to exfiltrate loot over secure and trusted channels.☆131Updated 4 years ago
- Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.☆122Updated 3 years ago
- Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus☆242Updated 3 years ago
- Extendable payload obfuscation and delivery framework☆145Updated 2 years ago
- A fake AMSI Provider which can be used for persistence.☆152Updated 4 years ago
- Load .net assemblies from memory while having them appear to be loaded from an on-disk location.☆172Updated 4 years ago
- ☆112Updated 2 years ago
- Beacon Object File & C# project to check LDAP signing☆193Updated last year
- Agressor script that lists available Cobalt Strike beacon commands and colors them based on their type☆210Updated last year
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆117Updated 2 years ago
- ☆91Updated 4 years ago
- Tool for interacting with outlook interop during red team engagements☆146Updated 4 years ago
- ☆250Updated 2 years ago
- Bypassing AppLocker with C#☆143Updated 4 years ago
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…☆195Updated 4 years ago
- Hookers are cooler than patches.☆170Updated 3 years ago
- Determine if the WebClient Service (WebDAV) is running on a remote system☆140Updated last year
- Weaponising C# - Fundamentals Training Content☆70Updated 4 years ago
- Remotely enables Restricted Admin Mode☆214Updated 4 years ago
- credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege☆123Updated 4 years ago
- Cobalt Strike Beacon Object Files☆166Updated 3 years ago
- tgtdelegation is a Beacon Object File (BOF) to obtain a usable TGT via the "TGT delegation trick"☆178Updated 3 years ago
- Pass the Hash to a named pipe for token Impersonation☆146Updated 4 years ago
- DLL Hijack Search Order Enumeration BOF☆150Updated 3 years ago
- Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…☆104Updated 3 years ago
- WNF Code Execution Library Using C#☆111Updated 5 years ago