Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/RythmStick/AMSITrigger
The Hunt for Malicious Strings
https://github.com/RythmStick/AMSITrigger
Last synced: 21 days ago
JSON representation
The Hunt for Malicious Strings
- Host: GitHub
- URL: https://github.com/RythmStick/AMSITrigger
- Owner: RythmStick
- License: gpl-3.0
- Created: 2020-05-27T09:17:19.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2022-08-21T22:37:23.000Z (over 2 years ago)
- Last Synced: 2024-08-05T17:24:20.301Z (4 months ago)
- Language: C#
- Size: 60.5 KB
- Stars: 1,025
- Watchers: 13
- Forks: 151
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - RythmStick/AMSITrigger - The Hunt for Malicious Strings (C# #)
README
# AMSITrigger v3
## Hunting for Malicious Strings### Usage:
-i, --inputfile=VALUE Powershell filename
-u, --url=VALUE URL eg. https://10.1.1.1/Invoke-NinjaCopy.ps1
-f, --format=VALUE Output Format:
1 - Only show Triggers
2 - Show Triggers with Line numbers
3 - Show Triggers inline with code
4 - Show AMSI calls (xmas tree mode)
-d, --debug Show Debug Info
-m, --maxsiglength=VALUE Maximum signature Length to cater for,
default=2048
-c, --chunksize=VALUE Chunk size to send to AMSIScanBuffer,
default=4096
-h, -?, --help Show Help
For details see https://www.rythmstick.net/posts/amsitrigger