# AV Evasion

## AMSI Bypass

* [AMSI Bypass – How it works - mdsec](https://www.mdsec.co.uk/2018/06/exploring-powershell-amsi-and-logging-evasion/)
* [Amsi-Bypass-Powershell](https://github.com/S3cur3Th1sSh1t/Amsi-Bypass-Powershell)
* [Making AMSI Jump - Offensive Defence](https://offensivedefence.co.uk/posts/making-amsi-jump/)
* [The Rise and Fall of AMSI - Tal Liberman](https://i.blackhat.com/briefings/asia/2018/asia-18-Tal-Liberman-Documenting-the-Undocumented-The-Rise-and-Fall-of-AMSI.pdf)
* [OffensiveNim - AMSI Patch](https://github.com/byt3bl33d3r/OffensiveNim/blob/master/src/amsi_patch_bin.nim)
* [Hunting for AMSI bypasses - Wee-Jing Chung](https://blog.f-secure.com/hunting-for-amsi-bypasses/)
* [Using Reflection for AMSI Bypass - redteam cafe](https://www.redteam.cafe/red-team/powershell/using-reflection-for-amsi-bypass)
* [AMSI Fail](https://amsi.fail/)
* [Memory Patching AMSI Bypass](https://rastamouse.me/blog/asb-bypass-pt2/)
* [How to bypass AMSI and execute ANY malicious Powershell code](https://0x00-0x00.github.io/research/2018/10/28/How-to-bypass-AMSI-and-Execute-ANY-malicious-powershell-code.html)
* [Introduction to Sandbox Evasion and AMSI Bypasses - Jake Krasnov, Anthony Rose, Vincent Rose](https://www.youtube.com/watch?v=F_BvtXzH4a4)
* [Evading Detection: A Beginner's Guide to Obfuscation](https://www.youtube.com/watch?v=lP2KF7_Kwxk)
* [Exploring PowerShell AMSI and Logging Evasion](https://www.mdsec.co.uk/2018/06/exploring-powershell-amsi-and-logging-evasion/)
* [AMSITrigger v3](https://github.com/RythmStick/AMSITrigger)
* [Bypass AMSI by manual modification](https://s3cur3th1ssh1t.github.io/Bypass_AMSI_by_manual_modification/)

## Resources

{% embed url="<https://tryhackme.com/room/hololive>" %}
TryHackMe - Holo
{% endembed %}
