RythmStick/AMSITrigger RythmStick/AMSITrigger

  • Stars
    star
    1,048
  • Rank 43,968 (Top 0.9 %)
  • Language
    C#
  • License
    GNU General Publi...
  • Created over 4 years ago
  • Updated about 2 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
RythmStick/AMSITrigger
github

RythmStick

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

The Hunt for Malicious Strings

AMSITrigger v3

Hunting for Malicious Strings

Usage:

-i, --inputfile=VALUE       Powershell filename
-u, --url=VALUE             URL eg. https://10.1.1.1/Invoke-NinjaCopy.ps1
-f, --format=VALUE          Output Format:
                              1 - Only show Triggers
                              2 - Show Triggers with Line numbers
                              3 - Show Triggers inline with code
                              4 - Show AMSI calls (xmas tree mode)
-d, --debug                 Show Debug Info
-m, --maxsiglength=VALUE    Maximum signature Length to cater for,
                              default=2048
-c, --chunksize=VALUE       Chunk size to send to AMSIScanBuffer,
                              default=4096
-h, -?, --help              Show Help

For details see https://www.rythmstick.net/posts/amsitrigger

More Repositories

1

ProxyPunch

Finding SSL Blindspots for Red Teams
C#
30
star
2

CVE-2019-1064

CVE-2019-1064 Local Privilege Escalation Vulnerability
C#
23
star
3

GetCompliant

Extracts passwords from file that match specified complexity
C#
4
star
4

G_CiOptions-offsets

g_CiOptions offset from CiInitialize
2
star
5

Misc

PowerShell
2
star
6

rythmstick.github.io

HTML
1
star
7

Ger

1
star