injectAmsiBypass
AMSIBypass Tool
A tool that bypasses AMSI in a remote process with code injection.
Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.
377 stars
12 watching
68 forks
Language: C
last commit: over 1 year ago Related projects:
| Repository | Description | Stars |
|---|---|---|
| boku7/injectetwbypass | Tool to bypass ETW (Event Tracing for Windows) security measure in remote processes by injecting a custom syscall | 277 |
| boku7/hollow | A tool that enables remote process shellcode execution using the Early Bird injection technique | 266 |
| boku7/halosgate-ps | A Cobalt Strike Beacon Object File (BOF) that uses custom syscaller code to make direct system calls to retrieve process information on the target system. | 94 |
 baiyies/screenshotbofplus | A tool designed to capture screenshots without injection on Windows systems using a Buffer Overflow (BOF) technique, intended for use in the context of Cobalt Strike. | 175 |
 apokryptein/secinject | A tool for injecting malicious code into processes using native APIs and memory section mapping. | 87 |
 nvisosecurity/cobaltwhispers | An aggressor script that allows Cobalt Strike to perform process injection and persistence by leveraging direct syscalls to bypass EDR/AV systems. | 227 |
| boku7/spawn | A Cobalt Strike Beacon tool that spawns a sacrificial process to execute shellcode, using techniques like Arbitrary Code Guard and PPID spoofing to evade detection. | 429 |
 0x3rhy/adduser-bof | A Cobalt Strike BOF that exploits a vulnerability to add an admin user | 69 |
 pizz33/gobypassav-shellcode | A tool for creating shellcode bypasses of antivirus software | 816 |
 tomcarver16/bof-dll-inject | A tool for injecting malware into processes by mapping it to memory without registering it with the kernel. | 147 |
 airbus-cert/invoke-bof | Loads and executes a malicious payload in a Windows system using PowerShell. | 246 |
 netero1010/trustedpath-uacbypass-bof | Tools and techniques to bypass Windows UAC restrictions on executable files by utilizing DCOM objects | 117 |
 cobalt-strike/bof-vs | A Beacon Object File Visual Studio template project for creating malicious code executables | 138 |
 passthehashbrowns/bofmask | A proof-of-concept project demonstrating how to mask Beacon's payload execution in Cobalt Strike while executing a user-provided BOF. | 108 |
 mlcsec/asrenum-bof | Tools to detect and exploit vulnerabilities in Windows Attack Surface Reduction (ASR) settings | 138 |