in-memory patching of AmsiScanBuffer to bypass AMSI

kaIIsyms/asb

AMSI bypass by memory patching AmsiScanBuffer

  • Heavily inspired by AmsiScanBufferBypass
  • ASB patching at runtime
    • Indirect syscall execution
      • Syscall stomping technique
      • (some EDRs can detect this today)
    • Dynamic WinAPI resolution

(C) gbr 2025
