Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/cobbr/insecurepowershellhost

InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core v6.0.0 with key security features removed.
https://github.com/cobbr/insecurepowershellhost

dotnet-core dotnet-core2 powershell powershell-core

Last synced: 3 months ago
JSON representation

InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core v6.0.0 with key security features removed.

Awesome Lists containing this project

README 

        
# InsecurePowerShellHost



InsecurePowerShellHost is a .NET Core host process for [InsecurePowerShell](https://github.com/cobbr/InsecurePowerShell), a version of PowerShell Core with key security features removed.



## InsecurePowerShell



InsecurePowershell is a fork of PowerShell Core v6.0.0, with key security features removed. InsecurePowerShell removes the following security features from PowerShell:



* AMSI - `InsecurePowerShell` does not submit any PowerShell code to the AMSI, even when there is an actively listening AntiMalware Provider.

* PowerShell Logging - `InsecurePowerShell` disables ScriptBlockLogging, Module Logging, and Transcription Logging. Even if they are enabled in Group Policy, these settings are ignored.

* LanguageModes - `InsecurePowerShell` always runs PowerShell code in `FullLanguage` mode. Attempting to set `InsecurePowerShell` to alternative LanguageModes, such as `ConstrainedLanguage` mode or `RestrictedLanguage` mode does not take any affect.

* ETW - `InsecurePowerShell` does not utilize ETW (Event Tracing for Windows).



More details are available [here](https://cobbr.io).