injectAmsiBypass

AMSIBypass Tool

A tool that bypasses AMSI in a remote process with code injection.

Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.

GitHub

377 stars
12 watching
68 forks
Language: C
last commit: almost 2 years ago

Related projects:

Repository Description Stars
boku7/injectetwbypass Tool to bypass ETW (Event Tracing for Windows) security measure in remote processes by injecting a custom syscall 276
boku7/hollow A tool that enables remote process shellcode execution using the Early Bird injection technique 267
boku7/halosgate-ps A Cobalt Strike Beacon Object File (BOF) that uses custom syscaller code to make direct system calls to retrieve process information on the target system. 95
baiyies/screenshotbofplus A tool designed to capture screenshots without injection on Windows systems using a Buffer Overflow (BOF) technique, intended for use in the context of Cobalt Strike. 175
apokryptein/secinject A tool for injecting malicious code into processes using native APIs and memory section mapping. 88
nvisosecurity/cobaltwhispers An aggressor script that allows Cobalt Strike to perform process injection and persistence by leveraging direct syscalls to bypass EDR/AV systems. 229
boku7/spawn A Cobalt Strike Beacon tool that spawns a sacrificial process to execute shellcode, using techniques like Arbitrary Code Guard and PPID spoofing to evade detection. 440
0x3rhy/adduser-bof A Cobalt Strike BOF that exploits a vulnerability to add an admin user 70
pizz33/gobypassav-shellcode A tool for creating shellcode bypasses of antivirus software 823
tomcarver16/bof-dll-inject A tool for injecting malware into processes by mapping it to memory without registering it with the kernel. 147
airbus-cert/invoke-bof Loads and executes a malicious payload in a Windows system using PowerShell. 245
netero1010/trustedpath-uacbypass-bof Tools and techniques to bypass Windows UAC restrictions on executable files by utilizing DCOM objects 119
cobalt-strike/bof-vs A Beacon Object File Visual Studio template project for creating malicious code executables 145
passthehashbrowns/bofmask A proof-of-concept project demonstrating how to mask Beacon's payload execution in Cobalt Strike while executing a user-provided BOF. 110
mlcsec/asrenum-bof Tools to detect and exploit vulnerabilities in Windows Attack Surface Reduction (ASR) settings 142