S3cur3Th1sSh1t / WinPwn

Automation for internal Windows Penetrationtest / AD-Security
BSD 3-Clause "New" or "Revised" License
3.36k stars 521 forks

Detected by AV #7

Closed sp00ks-git closed 4 years ago

sp00ks-git commented 4 years ago

Just a quick message to say all three of the ways to run your script are being blocked by Windows Defender since this morning on an up-to-date Win 10.

Can supply any more details if needed but I suspect you can reproduce rather easily.

S3cur3Th1sSh1t commented 4 years ago

I have decided to not invest more time in changing the AMSI signature. It's pretty easy to build your own bypass. Use one of the existing bypasses and change its signature/triggers - "https://github.com/S3cur3Th1sSh1t/Amsi-Bypass-Powershell".

If the script is detected by the file signature on the disk - don't put it on the disk 👍