blue-team-tools

Author SHA1 Message Date

Author	SHA1	Message	Date
Thomas Patzke	6e7208553a	Revert "removing for new pull request" This reverts commit `ca7e8d6468`.	2018-08-27 23:39:29 +02:00
yt0ng	ca7e8d6468	removing for new pull request	2018-08-17 18:42:10 +02:00
yt0ng	8ecf167e85	Powershell AMSI Bypass via .NET Reflection [Ref].Assembly.GetType('http://System.Management .Automation.AmsiUtils').GetField('amsiInitFailed','NonPublic,Static').SetValue($null,$true) seen in recent activity https://www.hybrid-analysis.com/sample/0ced17419e01663a0cd836c9c2eb925e3031ffb5b18ccf35f4dea5d586d0203e?environmentId=120	2018-08-17 18:26:04 +02:00

Thomas Patzke

6e7208553a

Revert "removing for new pull request"

This reverts commit ca7e8d6468.

2018-08-27 23:39:29 +02:00

yt0ng ca7e8d6468 removing for new pull request 2018-08-17 18:42:10 +02:00

yt0ng

8ecf167e85

Powershell AMSI Bypass via .NET Reflection

[Ref].Assembly.GetType('http://System.Management .Automation.AmsiUtils').GetField('amsiInitFailed','NonPublic,Static').SetValue($null,$true)

seen in recent activity https://www.hybrid-analysis.com/sample/0ced17419e01663a0cd836c9c2eb925e3031ffb5b18ccf35f4dea5d586d0203e?environmentId=120

2018-08-17 18:26:04 +02:00

3 Commits