Add: Flangvik/AMSI.fail to Defense Evasion section

2025-01-05 21:10:53 -05:00 · 2021-08-22 17:49:18 +07:00 · 2021-08-22 17:49:18 +07:00 · bf4ceb313f
commit bf4ceb313f
parent 1a9fd12bde
1 changed files with 4 additions and 0 deletions
--- a/Offensive.md
+++ b/Offensive.md
@ -1082,6 +1082,10 @@ Some tools can be categorized in more than one category. But because the current
        <td><a href="https://github.com/fireeye/OfficePurge">fireeye/OfficePurge</a></td>
        <td>VBA purge your Office documents with OfficePurge. VBA purging removes P-code from module streams within Office documents.</td>
    </tr>
+    <tr>
+        <td><a href="https://github.com/Flangvik/AMSI.fail">Flangvik/AMSI.fail</a></td>
+        <td>C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.</td>
+    </tr>
    <tr>
        <td><a href="https://github.com/GetRektBoy724/TripleS">GetRektBoy724/TripleS</a></td>
        <td>Syscall Stub Stealer - Freshly steal Syscall stub straight from the disk</td>