{ "name": "ThreatCheck", "phases": [ "10. Bypassing Defenses" ], "category": "", "stealthy": false, "platforms": [ "Windows" ], "source": "https://github.com/rasta-mouse/ThreatCheck", "description": "Identifies the bytes that Microsoft Defender / AMSI consumer flags on.", "undetected": [], "detected": [ "Windows Defender (AV)" ], "commands": [ { "id": "4a124d6d-4462-420b-b28c-c687b67e5d49", "name": "Process file w/ Defender", "description": "Runs a file through Defender and determines detected bytes.", "tag": "", "results": [], "cmd": "ThreatCheck.exe --file binary.exe" }, { "id": "02a434e6-e0cc-4819-8d14-75b5ea2440e5", "name": "Process file w/ AMSI", "description": "Runs a file through AMSI and determines detected bytes.", "tag": "", "results": [], "cmd": "ThreatCheck.exe --engine AMSI --file binary.exe" } ], "latest_commit": "2023-04-04T03:06:16Z" }