Awesome Open Source
Awesome Open Source

PSAmsi

PSAmsi is a tool for auditing and defeating AMSI signatures.

It's best utilized in a test environment to quickly create payloads you know will not be detected by a particular AntiMalware Provider, although it can be useful in certain situations outside of a test environment.

When using outside of a test environment, be sure to understand how PSAmsi works, as it can generate AMSI alerts.

Getting Started

Installation instructions and an introduction to using PSAmsi are available in the Wiki.

Disclaimer

You are only authorized to use PSAmsi (and payloads created with PSAmsi) on systems that you have permission to use it on. It was created for research purposes only.

Acknowledgements

A huge thanks to the following people whose code is used by PSAmsi:


Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
Powershell (23,474