AMSITrigger – The Hunt For Malicious Strings

Hunting for Malicious Strings Usage: AMSI calls (xmas tree mode) -d, –debug Show Debug Info -m, –maxsiglength=VALUE Maximum signature Length to cater for, default=2048 -c, –chunksize=VALUE Chunk size to send to AMSIScanBuffer, default=4096 -h, -?, –help Show Help “> -i, –inputfile=VALUE Powershell filename-u, –url=VALUE URL eg. https://10.1.1.1/Invoke-NinjaCopy.ps1-f, –format=VALUE Output Format: 1 – Only show TriggersRead More

X