Livejournal
Log in
Post
Friends
My journal
sporaw
Microsoft AMSI (Antimalware Scan Interface): PowerShell/VBS/JS/etc
Apr 29, 2019 00:41
Antimalware Scan Interface (AMSI)
https://docs.microsoft.com/en-us/windows/desktop/AMSI/antimalware-scan-interface-portal
How the Antimalware Scan Interface (AMSI) helps you defend against malware
https://docs.microsoft.com/en-us/windows/desktop/AMSI/how-amsi-helps
Developer audience, and sample code
https://docs.microsoft.com/en-us/windows/desktop/AMSI/dev-audience
Antimalware Scan Interface (AMSI) reference
https://docs.microsoft.com/en-us/windows/desktop/AMSI/antimalware-scan-interface-reference
Пример старого (2 года+) обхода (reported):
https://enigma0x3.net/2017/07/19/bypassing-amsi-via-com-server-hijacking/
И еще:
https://rastamouse.me/2018/10/amsiscanbuffer-bypass/
microsoft
,
malware
,
antivirus
,
antimalware
Leave a comment
Read comments 2
Previous post
Next post
Up