Repository navigation

#

amsi-evasion

klezVirus/inceptor
klezVirus / inceptor 

Template-Driven AV/EDR Evasion Framework

obfuscationpinvokedinvokecode-injectionprocess-injectionav-bypassamsi-bypassav-evasionedr-bypasspe-packeramsi-evasionred-teamred-teamingav-edr-bypasspayload-generator
Assembly
1718
2 年前
ZeroMemoryEx / Amsi-Killer 

Lifetime AMSI bypass

amsi-bypassamsi-patchred-teamwin32amsi-evasionred-teaming
C++
639
2 年前
klezVirus / chameleon 

PowerShell Script Obfuscator

PowerShellobfuscationbypass-antivirusamsi-evasionamsi-bypass
Python
566
2 年前
sinfulz / JustEvadeBro 

JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.

avantivirusanti-virusMalwareevasionamsi-evasionamsi-bypassbypassevasions
310
1 年前
V-i-x-x / AMSI-WRITE-RAID-BYPASS 

"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS

0dayamsi-bypassamsi-evasionamsi-patchavavbypassedr-bypassvulnerabilitypentestpentestingMalware
PowerShell
294
4 个月前
h0ru / AMSI-Reaper 

amsi-bypassamsi-evasionred-teamC#PowerShellWindowsamsi-patch
C#
105
1 年前
EvilBytecode / Lifetime-Amsi-EtwPatch 

Two in one, patch lifetime powershell console, no more etw and amsi!

amsi-bypassamsi-evasionamsi-patchetwetw-bypasspentestingred-teamingfud
Go
96
4 个月前
safebuffer / LightMe 

HTTP Server serving obfuscated Powershell Scripts/Payloads

amsi-evasionredteam-infrastructurepenetration-testing
PowerShell
94
4 年前
mochabyte0x / TrampoLatte 

A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow

amsi-bypassamsi-evasionetw-bypass
C
15
2 个月前
TartarusLabs / Expeditus 

Expeditus is a loader that executes shellcode on a target Windows system. It combines several offensive techniques in order to attempt to do this with some level of stealth.

adversary-emulationamsi-bypassamsi-evasioncode-injectiondropperpenetration-testingprocess-injectionred-teamred-teaming安全shellcode-injectionshellcode-loader
C#
13
3 年前
Vith0r / Patch-Amsi 

Bypassing amsi.dll via memory patch, simple code!

amsi-bypassamsi-evasionamsi-patch
C++
12
10 个月前
okankurtuluss / AMSIBypassPatch 

This PowerShell script applies a memory patch to bypass the Antimalware Scan Interface (AMSI), allowing unrestricted execution of PowerShell commands.

amsi-bypassamsi-evasionamsi-patchbypasscybercyber-securityevasionpatchpentestPowerShellpowershell-scriptsred-team安全
PowerShell
12
1 年前
0xjbb / Amsi-Patch 

AMSI ScanBuffer Patch with API Hook poc

amsi-bypassamsi-evasionC++ethical-hackingHackingredteamredteamingapi-hooking
C++
6
4 年前
bobby-tablez / Invoke-XORfuscation 

Generate obfuscated PowerShell commands using XOR logic with random keys!

malware-researchobfuscationPowerShellamsi-bypassamsi-evasionantivirus-bypassantivirus-evasionavbypass
PowerShell
6
4 个月前
Chainski / Powershell-Cradles 

Repo containing PowerShell Download Cradles (oneliners)

amsi-bypassamsi-evasionPowerShellamsi-patchshellcode-loaderoneliner-commandspayload
PowerShell
5
3 年前
D1se0 / AMSI-Bypass-Generator 

Generator of techniques to evade AMSI in Windows. It uses random methods to generate code without signatures detectable by Windows Defender. Ideal for security research and AMSI bypass.

amsi-bypassamsi-evasioncode-generatorethical-hackingGeneratorHackingpagepage-generatorPowerShell
JavaScript
4
6 个月前
Chainski / Lifetime-Amsi-EtwPatch 

Loads a C# binary in memory within powershell profile, patching AMSI + ETW.

amsi-bypassamsi-evasionamsi-patchetwetw-bypassfudNimpentesting-toolsPowerShellred-teamingoffensive-security
Nim
4
1 个月前
grisuno / amsi 

Amsi bypass in go tested on 10.0.20348.0 Microsoft Windows NT 10.0.20348.0

amsi-bypassamsi-evasionamsi-patchcross-compileredteamWindows
Go
3
17 天前
Gurpreet06 / AMSI_Patcher 

Patching AmsiOpenSession by forcing an error branching.

amsi-bypassamsi-evasionamsi-patchoffensive-securityC++hacking-tool
C++
2
2 年前
noderaven / solid-macro 

VB macro for Word exploit

amsi-bypassamsi-evasionExploitMicrosoftmicrosoft-officeoffensive-securityoffsecpocred-teamred-teamingShellshellcode-injectionVBA
VBA
2
2 个月前