Add: netbiosX/AMSI-Provider to Defense Evasion section

2025-01-05 21:10:53 -05:00 · 2021-08-22 17:48:10 +07:00 · 2021-08-22 17:48:10 +07:00 · 1a9fd12bde
commit 1a9fd12bde
parent 57d06cf5e0
1 changed files with 5 additions and 4 deletions
--- a/Offensive.md
+++ b/Offensive.md
@ -1159,6 +1159,10 @@ Some tools can be categorized in more than one category. But because the current
        <td><a href="https://github.com/nccgroup/demiguise">nccgroup/demiguise</a></td>
        <td>HTA encryption tool for RedTeams</td>
    </tr>
+    <tr>
+        <td><a href="https://github.com/netbiosX/AMSI-Provider">netbiosX/AMSI-Provider</a></td>
+        <td>A fake AMSI Provider which can be used for persistence.</td>
+    </tr>
    <tr>
        <td><a href="https://github.com/NotPrab/.NET-Obfuscator">NotPrab/.NET-Obfuscator</a></td>
        <td>Lists of .NET Obfuscator (Free, Trial, Paid and Open Source )</td>
@ -1189,10 +1193,7 @@ Some tools can be categorized in more than one category. But because the current
    </tr>
    <tr>
        <td><a href="https://github.com/PwnDexter/SharpEDRChecker">PwnDexter/SharpEDRChecker</a></td>
-        <td>Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs
-            metadata, common install directories, installed services and each service binaries metadata, installed
-            drivers and each drivers metadata, all for the presence of known defensive products such as AV's, EDR's and
-            logging tools.</td>
+        <td>Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories, installed services and each service binaries metadata, installed drivers and each drivers metadata, all for the presence of known defensive products such as AV's, EDR's and logging tools.</td>
    </tr>
    <tr>
        <td><a href="https://github.com/RedCursorSecurityConsulting/PPLKiller">RedCursorSecurityConsulting/PPLKiller</a></td>