security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8ecf167e85f79b7ac24fcfa5e5f3a136c07b0670
blue-team-tools/rules
T
History
yt0ng 8ecf167e85 Powershell AMSI Bypass via .NET Reflection 
[Ref].Assembly.GetType('http://System.Management .Automation.AmsiUtils').GetField('amsiInitFailed','NonPublic,Static').SetValue($null,$true)

seen in recent activity https://www.hybrid-analysis.com/sample/0ced17419e01663a0cd836c9c2eb925e3031ffb5b18ccf35f4dea5d586d0203e?environmentId=120
2018-08-17 18:26:04 +02:00
..
application
Fixes for Elasticsearch query correctness CI tests
2018-04-09 22:33:29 +02:00
apt
Oilrig Information gathering
2018-08-15 14:29:59 +02:00
linux
Adjusted rules to the new specs reg "not null" usage
2018-06-28 09:30:31 +02:00
network
Fixed ATT&CK tagging
2018-08-08 15:58:19 +02:00
proxy
Bugfix in Flash Downloader Rule
2018-06-30 23:39:38 +02:00
web
Rule: widened the CVE-2018-2894 WebLogic rule
2018-07-22 20:36:10 -06:00
windows
Powershell AMSI Bypass via .NET Reflection
2018-08-17 18:26:04 +02:00