cobbr / PSAmsi

PSAmsi is a tool for auditing and defeating AMSI signatures.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

PSAmsi

PSAmsi is a tool for auditing and defeating AMSI signatures.

It's best utilized in a test environment to quickly create payloads you know will not be detected by a particular AntiMalware Provider, although it can be useful in certain situations outside of a test environment.

When using outside of a test environment, be sure to understand how PSAmsi works, as it can generate AMSI alerts.

Getting Started

Installation instructions and an introduction to using PSAmsi are available in the Wiki.

Disclaimer

You are only authorized to use PSAmsi (and payloads created with PSAmsi) on systems that you have permission to use it on. It was created for research purposes only.

Acknowledgements

A huge thanks to the following people whose code is used by PSAmsi:

About

PSAmsi is a tool for auditing and defeating AMSI signatures.

License:GNU General Public License v3.0


Languages

Language:PowerShell 100.0%