Lifetime AMSI bypass
Updated Sep 26, 2023 - C++
Firefox webInjector capable of injecting code into web pages using mitmproxy.
This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built-in Sleep() call. Most of the structure (e.g. Sleep hook, shellcode exec, etc.) is taken from mgeeky's https://github.com/mgeeky/ShellcodeFluctuation.
Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"