Stracciatella

Bypass feature

A tool to bypass security features in PowerShell and create an unmanaged environment for executing malicious code

OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup

GitHub

509 stars
14 watching
65 forks
Language: C#
last commit: about 2 years ago
amsibypassopsecpowershellredteamsharppickunmanaged

Related projects:

Repository Description Stars
isecpartners/android-killpermandsigchecks A tool to bypass Android's signature and permission checks for Inter-Process Communications (IPC) using Cydia Substrate. 83
zu1k/beacon_hook_bypass_memscan Bypassing memory scanning to evade detection by the Karbenz CASB (Content Awareness Security Platform) security solution 24
padovah4ck/psbypassclm Bypasses AppLocker restrictions in PowerShell to enable more advanced language functionality 380
k8gege/scrun A tool designed to bypass antivirus software and load malicious shellcode into processes 177
waldo-irc/youmaypasser A proof-of-concept implementation of Gargoyle to bypass anti-cheat systems PeSieve and Moneta on 64-bit Windows 250
omerya/invisi-shell A tool to hide PowerShell scripts from security features by hooking .Net assemblies 1,117
mgeeky/threadstackspoofer An advanced in-memory evasion technique to hide injected shellcode's memory allocation from scanners and analysts. 1,053
tokyoneon/chimera PowerShell obfuscation script designed to bypass antivirus detection by modifying the behavior of existing PowerShell scripts 1,432
b1ank1108/bypassav A Python-based tool that generates bypassed anti-virus detection code by performing XOR operations on shellcode 52
pizz33/gobypassav-shellcode A tool for creating shellcode bypasses of antivirus software 823
infosecn1nja/maliciousmacromsbuild Generates malicious macros to bypass application whitelisting and execute powershell or shellcode via MSBuild. 495
klezvirus/cheesetools Tools for exploiting vulnerabilities in Windows systems to facilitate lateral movement and code execution 692
mgeeky/redwarden A tool to evade detection by security systems and incident responders by manipulating HTTP requests 933
mgeeky/cobalt-arsenal A collection of battle-tested PowerShell scripts for Cobalt Strike 4.0+ 1,048
mgeeky/shellcodefluctuation An advanced in-memory evasion technique for hiding malicious code from scanners by fluctuating shellcode's memory protection and encrypting its contents. 957