Template-Driven AV/EDR Evasion Framework
-
Updated
Nov 3, 2023 - Assembly
Template-Driven AV/EDR Evasion Framework
Lifetime AMSI bypass
A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell. Feel free to DM if you find some bugs :)
PowerShell Script Obfuscator
JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
PowerShell Obfuscator. A PowerShell script anti-virus evasion tool
Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.
Lime Crypter Obfuscator Mod
A C# program featuring an all-in-one bypass for CLM, AppLocker and AMSI using Runspace.
Expeditus is a loader that executes shellcode on a target Windows system. It combines several offensive techniques in order to attempt to do this with some level of stealth.
AMSI ScanBuffer Patch with API Hook poc
Generate obfuscated PowerShell commands using XOR logic with random keys!
an undetected (by windows defender, AMSI, and malwarebytes) powershell reverse shell based off of hoaxshell - with firewall bypass
A repository containing utilities related to PowerShell
AMSI bypass techniques and tools
Anti Malware Scan Interface (DLL) Bypass
Repo containing PowerShell Download Cradles (oneliners)
Add a description, image, and links to the amsi-bypass topic page so that developers can more easily learn about it.
To associate your repository with the amsi-bypass topic, visit your repo's landing page and select "manage topics."