-
**Describe the bug**
When generating shellcode in Sliver, Donut has the AMSI and WLDP options enabled, which can add detections.
**To Reproduce**
Steps to reproduce the behavior:
1. Start Sliver…
-
AvRed logs show that the file isn't detected by antivirus, but if I copy-paste the executable onto the AV machine it gets detected instantly. Any guidance?
-
### Prerequisites
- [X] Write a descriptive title.
- [X] Make sure you are able to repro it on the [latest released version](https://github.com/PowerShell/PowerShell/releases)
- [X] Search the existi…
-
**Please note, I could be an absolute idiot and have this all wrong ( if this is the case please inform me of my error and close this :) )**
When using execute-assembly, defender obviously picks up…
0xjbb updated
2 years ago
-
- VSCode Version: 1.19.3
- OS Version: 10.0.16299.0
Steps to Reproduce:
1. Open PowerShell project in VS Code
Does this issue occur when all extensions are disabled?: No
Disabling…
-
As far as I can tell, through experiment, PowerShell will happily live stream all method invocations and arguments through AMSI.
What programming guidelines do the PowerShell Team have to this nove…
-
See this sample: https://labs.inquest.net/dfi/sha256/9404cbeacd30e170fe03bfdeb54663cb1439ccf73309e172e11349aa64fdbd00
Potential keywords (can be obfuscated):
- amsi
- AmsiUacInitialize
- "4C8BDC…
-
I'm trying to run the tool against the PowerUp.ps1 script but I'm getting **Check Real Time protection is enabled** as output, and I don't know what it means.
I had the same Output on my Windo…
-
### Package Name
amsiscriptcontentretrieval
### Tool Name
AMSIScriptContentRetrieval
### Package type
SINGLE_PS1
### Tool's version number
2018.06.17
### Category
PowerShell
### Tool's autho…