Template-Driven AV/EDR Evasion Framework
Lifetime AMSI bypass
PowerShell Script Obfuscator
JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
Two in one, patch lifetime powershell console, no more etw and amsi!
HTTP Server serving obfuscated Powershell Scripts/Payloads
A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow
Expeditus is a loader that executes shellcode on a target Windows system. It combines several offensive techniques in order to attempt to do this with some level of stealth.
Bypassing amsi.dll via memory patch, simple code!
This PowerShell script applies a memory patch to bypass the Antimalware Scan Interface (AMSI), allowing unrestricted execution of PowerShell commands.
AMSI ScanBuffer Patch with API Hook poc
Generate obfuscated PowerShell commands using XOR logic with random keys!
Repo containing PowerShell Download Cradles (oneliners)
Generator of techniques to evade AMSI in Windows. It uses random methods to generate code without signatures detectable by Windows Defender. Ideal for security research and AMSI bypass.
Loads a C# binary in memory within powershell profile, patching AMSI + ETW.
Patching AmsiOpenSession by forcing an error branching.
