Template-Driven AV/EDR Evasion Framework
翻译 - 模板驱动的 AV / EDR 规避框架
A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell.
Lifetime AMSI bypass
PowerShell Script Obfuscator
JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support
Two in one, patch lifetime powershell console, no more etw and amsi!
#安全#PowerShell Obfuscator. A PowerShell script anti-virus evasion tool
Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.
A C# program featuring an all-in-one bypass for CLM, AppLocker and AMSI using Runspace.
Expeditus is a loader that executes shellcode on a target Windows system. It combines several offensive techniques in order to attempt to do this with some level of stealth.
This PowerShell script applies a memory patch to bypass the Antimalware Scan Interface (AMSI), allowing unrestricted execution of PowerShell commands.
AMSI ScanBuffer Patch with API Hook poc
Advanced PowerShell-based red team implant along with a custom C2 (Command & Control) server
Generate obfuscated PowerShell commands using XOR logic with random keys!
Loads a C# binary in memory within powershell profile, patching AMSI + ETW.
an undetected (by windows defender, AMSI, and malwarebytes) powershell reverse shell based off of hoaxshell - with firewall bypass