amsi
There are 40 repositories under amsi topic.
tokyoneon/Chimera
Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
mgeeky/Stracciatella
OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup
alphaSeclab/windows-security
Resources About Windows Security. 1100+ Open Source Tools. 3300+ Blog Post and Videos.
cfalta/PowerShellArmoury
A PowerShell armoury for security guys and girls
dobin/avred
Analyse your malware to surgically obfuscate it
sinfulz/JustEvadeBro
JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.
tokyoneon/CredPhish
CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.
GetRektBoy724/MeterPwrShell
Automated Tool That Generates The Perfect Meterpreter Powershell Payload
GetRektBoy724/BetterXencrypt
A better version of Xencrypt.Xencrypt it self is a Powershell runtime crypter designed to evade AVs.
atxsinn3r/amsiscanner
A C/C++ implementation of Microsoft's Antimalware Scan Interface
mez-0/InMemoryNET
Exploring in-memory execution of .NET
ScriptIdiot/BOF-patchit
An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are available.
safebuffer/LightMe
HTTP Server serving obfuscated Powershell Scripts/Payloads
machine1337/window-rat
The purpose of this tool is to test the window10 defender protection and also other antivirus protection.
EvilBytecode/Lifetime-Amsi-EtwPatch
Two in one, patch lifetime powershell console, no more etw and amsi!
Hagrid29/RemotePatcher
Patch AMSI and ETW in remote process via direct syscall
hfiref0x/Misc
Miscellaneous Code and Docs
ScriptIdiot/sleepmask_PatchlessHook
Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW
Tomiwa-Ot/py-amsi
Scan strings or files for malware using the Windows Antimalware Scan Interface
aress31/clm-rout
A C# program featuring an all-in-one bypass for CLM, AppLocker and AMSI using Runspace.
0i41E/Random
Random stuff
m8sec/EAPrimer
C# project to Reflectively load .Net assemblies in memory
MirekVales/MVsDotNetAMSIClient
🛡️ Convenient .NET Library for Invoking Antimalware Scan Interface (AMSI)
GetRektBoy724/LocalAMSI.Fail
This is a port of AMSI.fail,i modify the code to make it C# 5 compatible and can be executed on Windows 10 without installing any extra requirements.AMSI.fail itself generates obfuscated PowerShell snippets that break or disable AMSI for the current process.
okankurtuluss/AMSIBypassPatch
This PowerShell script applies a memory patch to bypass the Antimalware Scan Interface (AMSI), allowing unrestricted execution of PowerShell commands.
naim94a/amsi
Antimalware Scan Interface for Rust
0xjbb/Amsi-Patch
AMSI ScanBuffer Patch with API Hook poc
0xvm/AMSIBypass.cs
yet another amsi.dll
katahiromz/AmsiScanner
Threat detector for Windows 10
luke-beep/bypass-amsi-powershell
Anti Malware Scan Interface (DLL) Bypass
matzefriedrich/amsi
A library to integrate the Microsoft Windows Anti-Malware Scan Interface (AMSI) into any .NET application.
xiosec/AMSI-Bypass
AMSI bypass techniques and tools
macedonianlegend/Kematian
An advanced data recovery tool featuring a customizable C2 system, developed using Python, PowerShell, Go and C++ languages and equipped with a dedicated web-based GUI builder.
Print3M/amsi-dll-wrapper
AMSI DLL-Wrapper (DLL-Implant)
dyussekeyev/thamara
THAMARA - Threat Hunting with AMSI and YARA