Learning Objectives of AMSI

  • Understand the purpose of runtime detections and how they are instrumented.

  • Learn and apply techniques to bypass AMSI.

  • Understand common mitigations and potential alternatives to techniques.

Runtime detection measures can cause many headaches and roadblocks when executing malicious code. Luckily for us as attackers, there are several techniques and methods we can abuse and leverage to bypass common runtime detection solutions.

This room will use research from several authors and researchers; all credit goes to the respective owners.

Room link: https://tryhackme.com/room/runtimedetectionevasion
