The RETurn of AMSI – Easy DLL Patching without C3
TL;DR
For people that just want the slides and GitHub link

AMSI and ETW detections
If you’ve been tapped into Defender (Home and/or Endpoint product) since the end of summer 2024, you’ve no doubt seen the newer AMSI and ETW patch detections. In fact, a lot of tooling has changed as a result. […]