AV Evasion 101 - Powershell

Поделиться
HTML-код
  • Опубликовано: 8 сен 2024
  • In this Twitch stream I showed Powershell protection mechanisms and techniques to bypass them. In addition some Obfuscators for Scripts as well as manual modification for AV signature evasion were shown.
    Intruduction - 12:58
    Bypass AMSI - 24:40
    Load C# binaries into Powershell after patching AMSI - 45:55
    Script Block Logging introduction and bypass - 52:22
    Invoke-Obfuscation - 1:02:22
    Script Block Logging bypass No. 2 - 1:09:23
    Bypass Constrained Language Mode with MSBuildshell - 1:15:40
    PSBypassCLM obfuscation fail from my side - 1:26:25
    AmsiTrigger fails from my side - 1:38:23
    Pyfuscation - automate string replacements - 1:52:19
    Bypass the Defender in memory scanner for Mimikatz - 2:02:58
    Bypass in memory scanner by using PPID Spoofing - 2:18:00
    SandBox Evasion - 2:26:12
    AmsiTrigger & ThreadCheck troubleshooting - 2:55:00
    ISE-Steroids has pretty bad OPSec - 3:13:25
    Links mentioned and used:
    amsi.fail/
    s3cur3th1ssh1t...
    www.powertheshe...
    specterops.io/...
    github.com/itm...
    github.com/dan...
    www.bc-securit...
    github.com/Ryt...
    github.com/byt...
    github.com/Arv...
    github.com/ras...
    s3cur3th1ssh1t...
    Several Scripts were used from here:
    github.com/S3c...

Комментарии • 7

  • @youcefkel4743
    @youcefkel4743 2 года назад +3

    excellent work dude . huge fan . i will be binge watching your content . makes me feel sad that you havent posted in a while . thank you very very much dude .

  • @tojabdhei4881
    @tojabdhei4881 2 года назад +3

    Love your content dude! Was super helpful for me. Thanks for sharing and I hope you keep making this masterclasses

  • @masterkaio
    @masterkaio 3 года назад +2

    Thanks for sharing!

  • @Lolo5
    @Lolo5 Год назад +1

    starts at 12:58

  • @sye2781tube
    @sye2781tube 2 года назад

    how do i get Ps to run amsi bypass line by line i looked online and cant find anything, its probably obvious but i cant find it, with my scripts i just run it against PowerChunker. by the way im only 44mins in and find it very informative and easy to follow. great job

    • @ScurThsSht
      @ScurThsSht  2 года назад +1

      It's just about copying the bypass and pasting it into a Powershell window. As easy as that.

  • @OsloHollandwich
    @OsloHollandwich Год назад

    video not quality

Следующие
Автовоспроизведение
DLL Sideloading for stable persistence1:29:27DLL Sideloading for stable persistence
DLL Sideloading for stable persistenceS3cur3Th1sSh1t
Просмотров 1,2 тыс.
AV Evasion 101 - Powershell - Follow Up1:16:09AV Evasion 101 - Powershell - Follow Up
AV Evasion 101 - Powershell - Follow UpS3cur3Th1sSh1t
Просмотров 993
AV Evasion 101 - C#3:14:41AV Evasion 101 - C#
AV Evasion 101 - C#S3cur3Th1sSh1t
Просмотров 8 тыс.
OFFICIAL TRAILER: Uzumaki | adult swim01:45OFFICIAL TRAILER: Uzumaki | adult swim
OFFICIAL TRAILER: Uzumaki | adult swimAdult Swim
Просмотров 1,1 млн
DRAGON BALL: Sparking! ZERO - Majin Buu Saga Character Trailer03:24DRAGON BALL: Sparking! ZERO – Majin Buu Saga Character Trailer
DRAGON BALL: Sparking! ZERO - Majin Buu Saga Character TrailerBandai Namco Entertainment America
Просмотров 892 тыс.
CENTRAL CEE X RAYE - MOI (MUSIC VIDEO)02:56CENTRAL CEE X RAYE - MOI (MUSIC VIDEO)
CENTRAL CEE X RAYE - MOI (MUSIC VIDEO)Central Cee
Просмотров 3,1 млн
Our NEW HOME on the Ocean (BOAT TOUR)32:23Our NEW HOME on the Ocean (BOAT TOUR)
Our NEW HOME on the Ocean (BOAT TOUR)B2B Castaways (Strick and Fran)
Просмотров 236 тыс.
Black Hat Bash: Bash Scripting for Hackers and Pentesters (Bonus: GraphQL and Drone hacking)1:40:11Black Hat Bash: Bash Scripting for Hackers and Pentesters (Bonus: GraphQL and Drone hacking)
Black Hat Bash: Bash Scripting for Hackers and Pentesters (Bonus: GraphQL and Drone hacking)David Bombal
Просмотров 63 тыс.
So You Think You Know Git - FOSDEM 202447:00So You Think You Know Git - FOSDEM 2024
So You Think You Know Git - FOSDEM 2024GitButler
Просмотров 1,1 млн
NSA Backdoor in Windows? This and more from the guy who created Windows Task Manager!53:11NSA Backdoor in Windows? This and more from the guy who created Windows Task Manager!
NSA Backdoor in Windows? This and more from the guy who created Windows Task Manager!David Bombal
Просмотров 464 тыс.
Postgres just got even faster26:42Postgres just got even faster
Postgres just got even fasterHussein Nasser
Просмотров 13 тыс.
AV Evasion 101 - VBS/VBA - Office Macros3:01:16AV Evasion 101 - VBS/VBA - Office Macros
AV Evasion 101 - VBS/VBA - Office MacrosS3cur3Th1sSh1t
Просмотров 4,2 тыс.
DLL Sideloading1:15:45DLL Sideloading
DLL SideloadingS3cur3Th1sSh1t
Просмотров 6 тыс.
Free Hacking API courses (And how to use AI to help you hack)53:46Free Hacking API courses (And how to use AI to help you hack)
Free Hacking API courses (And how to use AI to help you hack)David Bombal
Просмотров 106 тыс.
Creator of git, Linus Torvalds Presents the Fundamentals of git1:10:15Creator of git, Linus Torvalds Presents the Fundamentals of git
Creator of git, Linus Torvalds Presents the Fundamentals of gitDevelopers Alliance
Просмотров 89 тыс.
Linux File System/Structure Explained!15:59Linux File System/Structure Explained!
Linux File System/Structure Explained!DorianDotSlash
Просмотров 4,1 млн
POV: Your kids ask to play the claw machine00:20POV: Your kids ask to play the claw machine
POV: Your kids ask to play the claw machineHungry FAM
Просмотров 9 млн
Daughter Didn't Sleep, So She Was Kicked Out By Her Dad#funny #fatherhoodlove #cute #fatherlove00:19Daughter Didn't Sleep, So She Was Kicked Out By Her Dad#funny #fatherhoodlove #cute #fatherlove
Daughter Didn't Sleep, So She Was Kicked Out By Her Dad#funny #fatherhoodlove #cute #fatherloveFunny daughter's life
Просмотров 687 тыс.
Самые странные телефоны в истории❗#телефон #смартфон #технологии #техника #топ #ретротелефон01:00Самые странные телефоны в истории❗#телефон #смартфон #технологии #техника #топ #ретротелефон
Самые странные телефоны в истории❗#телефон #смартфон #технологии #техника #топ #ретротелефонПавел Хмурчик
Просмотров 96 тыс.
Мама знает где все документы00:21Мама знает где все документы
Мама знает где все документыКЕРЯ
Просмотров 735 тыс.
Chuck Be Like : Not My Problem😂 | #brawlstars #shorts00:14Chuck Be Like : Not My Problem😂 | #brawlstars #shorts
Chuck Be Like : Not My Problem😂 | #brawlstars #shortsCaptain Shiraj
Просмотров 880 тыс.
Har bir ayol baxtliy bo’lishga xaqliy. #uzbekkino #music #kinolar #film #love #kino #live00:26Har bir ayol baxtliy bo’lishga xaqliy. #uzbekkino #music #kinolar #film #love #kino #live
Har bir ayol baxtliy bo’lishga xaqliy. #uzbekkino #music #kinolar #film #love #kino #liveOlovnur Media
Просмотров 1,4 млн
ЭТОТ МОДИФИЦИРОВАННЫЙ СКОРОСТРЕЛ ПРОСТО ИМБА! / PVZ00:45ЭТОТ МОДИФИЦИРОВАННЫЙ СКОРОСТРЕЛ ПРОСТО ИМБА! / PVZ
ЭТОТ МОДИФИЦИРОВАННЫЙ СКОРОСТРЕЛ ПРОСТО ИМБА! / PVZIGRARIUM - Игровые обзоры
Просмотров 575 тыс.
ОХОТА НА БОРОВУЮ ДИЧЬ У ИЗБЫ ГЛУХАРИНОЙ. РАЗВЕДКА БОЛОТНОГО ОЗЕРА.27:16ОХОТА НА БОРОВУЮ ДИЧЬ У ИЗБЫ ГЛУХАРИНОЙ. РАЗВЕДКА БОЛОТНОГО ОЗЕРА.
ОХОТА НА БОРОВУЮ ДИЧЬ У ИЗБЫ ГЛУХАРИНОЙ. РАЗВЕДКА БОЛОТНОГО ОЗЕРА.-ТАЁЖНЫЙ-
Просмотров 508 тыс.