Add: whydee86/SnD_AMSI to Defense Evasion section

2024-10-01 07:45:36 -04:00 · 2022-02-16 23:12:18 +07:00 · 2022-02-16 23:12:18 +07:00 · 016d4e068f
commit 016d4e068f
parent d3e9452b2a
1 changed files with 4 additions and 0 deletions
--- a/Offensive.md
+++ b/Offensive.md
@ -2297,6 +2297,10 @@ Some tools can be categorized in more than one category. But because the current
        <td><a href="https://gitlab.com/theepicpowner/dcom_av_exec">theepicpowner/dcom_av_exec</a></td>
        <td>DCOM_AV_EXEC allows for "diskless" lateral movement to a target on the same network via DCOM. The AV_Bypass_Framework_V3 creates a .NET shellcode runner (output as DLL) which can be used with the DCOM_AV_EXEC tool to bypass antivirus solutions like Microsoft Defender as all shellcode is AES encrypted and executed in memory.</td>
    </tr>
+    <tr>
+        <td><a href="https://github.com/whydee86/SnD_AMSI">/whydee86/SnD_AMSI</a></td>
+        <td>Start new PowerShell without etw and amsi in pure nim</td>
+    </tr>
 </table>

 ## Collection