winsecurity/AMSI-Bypass-HWBP external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

winsecurity/AMSI-Bypass-HWBP

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/winsecurity/AMSI-Bypass-HWBP)

Close

winsecurity / AMSI-Bypass-HWBPView on GitHubMore

• External links
• Readme badge

☆26Aug 11, 2025Updated 8 months ago

Alternatives and similar repositories for AMSI-Bypass-HWBP

Users that are interested in AMSI-Bypass-HWBP are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• Teach2Breach / hollow_rs

  View on GitHub
  A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.
  ☆31Feb 7, 2025Updated last year
• Teach2Breach / dll2shell

  View on GitHub
  converts sRDI compatible dlls to shellcode
  ☆35Jan 20, 2025Updated last year
• kleiton0x00 / RtlHijack

  View on GitHub
  Alternative Read and Write primitives using Rtl* functions the unintended way.
  ☆79Aug 25, 2025Updated 7 months ago
• Leo4j / PowerDACL

  View on GitHub
  A tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs)
  ☆62Feb 4, 2026Updated 2 months ago
• x0xr00t / sl0ppy-PrivescTaskCreator

  View on GitHub
  sl0ppy-PrivescTaskCreator.ps1
  ☆41Oct 8, 2025Updated 6 months ago
• GPUs on demand by Runpod - Special Offer Available • Ad
  Run AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
• KiExitDispatcher / Ebyte-AMSI-ProxyInjector

  View on GitHub
  A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…
  ☆64May 16, 2025Updated 10 months ago
• Leo4j / Invoke-SMBRemoting

  View on GitHub
  Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement
  ☆183May 19, 2025Updated 10 months ago
• jsecu / ModTask

  View on GitHub
  ☆52Mar 30, 2026Updated 2 weeks ago
• Teach2Breach / rpeloader

  View on GitHub
  use python on windows with full submodule support without installation
  ☆30Jan 23, 2025Updated last year
• hwbp / LazyHook

  View on GitHub
  Evade behavioral analysis by executing malicious code within trusted Microsoft call stacks, patchless hooking library IAT/EAT.
  ☆136Dec 8, 2025Updated 4 months ago
• MythicAgents / Xenon

  View on GitHub
  A Mythic agent for Windows written in C
  ☆161Updated this week
• rtecCyberSec / RAITrigger

  View on GitHub
  Local SYSTEM auth trigger for relaying
  ☆171Jul 22, 2025Updated 8 months ago
• NtDallas / OdinLdr

  View on GitHub
  Cobaltstrike Reflective Loader with Synthetic Stackframe
  ☆191Jan 17, 2026Updated 2 months ago
• The-Viper-One / Invoke-PassTheCert

  View on GitHub
  Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel
  ☆62Apr 13, 2025Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• cfs0x / nightshade

  View on GitHub
  ☆37Jul 1, 2025Updated 9 months ago
• Teach2Breach / pool_party_rs

  View on GitHub
  remote process injections using pool party techniques
  ☆71Jun 29, 2025Updated 9 months ago
• EspressoCake / cIdentifyServiceDependencies_BOF

  View on GitHub
  Beacon Object File (BOF) for identifying dependent child services of a given parent.
  ☆19Jun 20, 2025Updated 9 months ago
• garrettfoster13 / ldap_bofs

  View on GitHub
  Random BOFs for LDAP tradecraft
  ☆74Sep 9, 2025Updated 7 months ago
• HackingLZ / saas_enum

  View on GitHub
  Command-line tool for discovering SaaS platforms a company uses via DNS enumeration
  ☆40Jul 23, 2025Updated 8 months ago
• tehstoni / LexiCrypt

  View on GitHub
  Shellcode encryptor using a substitution cipher with a randomly generated key.
  ☆141Jan 18, 2025Updated last year
• rasta-mouse / pwnlift

  View on GitHub
  Easy peasy file uploads
  ☆33Aug 29, 2025Updated 7 months ago
• nyxgeek / azure_survey_2025

  View on GitHub
  results of scraping OneDrive from February 2022 - March 2025
  ☆27Apr 29, 2025Updated 11 months ago
• whokilleddb / funcshenanigans

  View on GitHub
  A bunch of shenanigans using functions, VEH and more
  ☆38Jun 8, 2025Updated 10 months ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• tbhaxor / CARTX

  View on GitHub
  Collection of powershell scripts I used to complete my CARTP and CARTE courses.
  ☆49Feb 27, 2026Updated last month
• ASP4RUX / bypassEDR-AV

  View on GitHub
  ☆59Nov 13, 2024Updated last year
• hdbreaker / Nimhawk

  View on GitHub
  A powerful, modular, lightweight and efficient command & control framework written in Nim.
  ☆224Nov 3, 2025Updated 5 months ago
• RedTeamPentesting / keycred

  View on GitHub
  Generate and Manage KeyCredentialLinks
  ☆254Mar 9, 2026Updated last month
• jborean93 / AmsiProvider

  View on GitHub
  Test AMSI Provider implementation in C#
  ☆45Dec 18, 2024Updated last year
• logangoins / Stifle

  View on GitHub
  .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS
  ☆150Feb 10, 2025Updated last year
• Teach2Breach / noldr

  View on GitHub
  Dynamically resolve API function addresses at runtime in a secure manner.
  ☆73Nov 11, 2025Updated 5 months ago
• dmcxblue / PyObscura

  View on GitHub
  A python script that automates a C2 Profile build
  ☆48Dec 14, 2025Updated 4 months ago
• Acucarinho / havoc-obfuscator

  View on GitHub
  Automated script for obfuscating, rebranding and renaming the Havoc C2 Framework to evade AV/EDR and C2 hunters.
  ☆46Aug 13, 2025Updated 8 months ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• tehstoni / cmstp_uac_bypass_bof

  View on GitHub
  ☆16May 30, 2025Updated 10 months ago
• voidvxvi / HellBunny

  View on GitHub
  Shellcode loader written in C and Assembly utilizing direct or indirect syscalls to evade UM EDR hooks
  ☆139Dec 22, 2024Updated last year
• Teach2Breach / snapinject_rs

  View on GitHub
  A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …
  ☆50Jan 25, 2025Updated last year
• T1erno / bin2shellcode

  View on GitHub
  C++ tool and library for converting .bin files to shellcode in multiple output formats.
  ☆34Aug 18, 2025Updated 7 months ago
• Faran-17 / Hellshazzard

  View on GitHub
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆84Aug 13, 2024Updated last year
• redr0nin / CVE-2024-38143

  View on GitHub
  Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability
  ☆24Feb 5, 2025Updated last year
• VirtualSamuraii / flyphish

  View on GitHub
  Deploy a phishing infrastructure on the fly.
  ☆78Dec 21, 2024Updated last year