GitHub

PowerShell Shellcode Injection via Windows API.yml

description: Detects PowerShell using VirtualAlloc, CreateThread, and similar API calls for memory injection techniques. - 'VirtualAlloc' # Detects use of VirtualAlloc, a Windows API function used to ...
archive

github.com-trustedsec-unicorn_-_2018-08-05_01-25-20

The text file contains all of the code needed in order to inject the powershell attack into memory. Note you will need a place that supports remote command injection of some sort. Often times this ...