Template-Driven AV/EDR Evasion Framework

• UpdatedNov 3, 2023
• Assembly

Lifetime AMSI bypass

• UpdatedSep 26, 2023
• C++

PowerShell Script Obfuscator

• UpdatedNov 2, 2023
• Python

JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.

• UpdatedAug 21, 2024

"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS

• UpdatedMar 18, 2025
• PowerShell

• UpdatedSep 12, 2024
• C#

HTTP Server serving obfuscated Powershell Scripts/Payloads

• UpdatedJul 3, 2021
• PowerShell

Two in one, patch lifetime powershell console, no more etw and amsi!

• UpdatedJun 27, 2024
• Go

Lime Crypter Obfuscator Mod

• UpdatedJun 30, 2024
• C#

Expeditus is a loader that executes shellcode on a target Windows system. It combines several offensive techniques in order to attempt to do this with some level of stealth.

• UpdatedMay 30, 2022
• C#

Ignorando amsi.dll via patch na memória

• UpdatedOct 27, 2024
• C++

This PowerShell script applies a memory patch to bypass the Antimalware Scan Interface (AMSI), allowing unrestricted execution of PowerShell commands.

• UpdatedJun 2, 2024
• PowerShell

AMSI ScanBuffer Patch with API Hook poc

• UpdatedFeb 9, 2022
• C++

Generate obfuscated PowerShell commands using XOR logic with random keys!

• UpdatedFeb 8, 2024
• PowerShell

Loads a C# binary in memory within powershell profile, patching AMSI + ETW.

• UpdatedJun 27, 2024
• Nim

AMSI Bypass by Memory Patching

• UpdatedMay 5, 2024
• PowerShell

Repo containing PowerShell Download Cradles (oneliners)

• UpdatedDec 7, 2022
• PowerShell

Generator of techniques to evade AMSI in Windows. It uses random methods to generate code without signatures detectable by Windows Defender. Ideal for security research and AMSI bypass.

• UpdatedFeb 16, 2025
• JavaScript

Patching AmsiOpenSession by forcing an error branching.

• UpdatedJul 20, 2023
• C++

VB macro for Word exploit

• UpdatedJan 28, 2025
• VBA