AMSI bypass hooking NtCreateSection
POC for Rubeus execution.
Execute Openssl-Dev.exe "commands" to execute Rubeus (file deletefile.txt has to be in the same path, or change the file in the code)
0x5e6 / amsi_rubeus_bypass Goto Github PK
View Code? Open in Web Editor NEWThis project forked from waawaa/amsi_rubeus_bypass