Skip to content

Latest commit

 

History

History
18 lines (13 loc) · 636 Bytes

README.md

File metadata and controls

18 lines (13 loc) · 636 Bytes

AMSITrigger

Hunting for Malicious Strings

Usage:

-i, --inputfile=VALUE   Powershell filename
-u, --url=VALUE         URL eg. https://10.1.1.1/Invoke-NinjaCopy.ps1
-f, --format=VALUE      Output Format:
                            1 - Only show Triggers
                            2 - Show Triggers with Line numbers
                            3 - Show Triggers inline with code
                            4 - Show AMSI calls (xmas tree mode)
-d, --debug             Show Debug Info
-h, -?, --help          Show Help

For details see https://www.rythmstick.net/posts/amsitrigger