Template-Driven AV/EDR Evasion Framework
Updated Nov 3, 2023 - Assembly
Lifetime AMSI bypass
PowerShell Script Obfuscator
JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
HTTP Server serving obfuscated PowerShell Scripts/Payloads
Lime Crypter Obfuscator Mod
Expeditus is a loader that executes shellcode on a target Windows system. It combines several offensive techniques in order to attempt to do this with some level of stealth.
AMSI ScanBuffer Patch with API Hook PoC
Generate obfuscated PowerShell commands using XOR logic with random keys!
Repo containing PowerShell Download Cradles (oneliners)
Lifetime AMSI bypass by @ZeroMemoryEx ported to Golang.
Patching AmsiOpenSession by forcing an error branching.