Skip to content

MpCmdRun/Amsi-Patch

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
AmsiScan
AmsiScan
 
 
AmsiScan.sln
AmsiScan.sln
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Amsi-Patcher

🚀 A Example of how to temporarily patch AMSI on Runtime

Features

  • 🛡️ Returns AMSI To always be disabled so WD basically gives up
  • 📦 Patches AmsiScanBuffer Windows 10 & 11
  • 🪄 Logs all Errors or Outputs to the Console

⚠️ Warning

This code is intended for educational and research purposes only.

🛠️ Build

  • Visual Studio 2022+
  • .NET Framework 4.8
  • Release x64 mode highly recommended.

📚 References

📷 Runtime Results (Kleenscan)

image

  • Surprisingly Bypassed ESET, ThreatDown EDR and many more (I was expecting only defender to be bypassed)

📜 License

MIT License (see LICENSE)

About

I got bored and there was a request to create an amsi patch and so I did. this is not yet detected but will probably get detected in the near future.

Resources

Readme

License

View license
Activity

Stars

4 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages