AMSI: Four letters for safe scripting

The talk was declined

Sergey Chubarov



Demo-based session.

This session dives into the Antimalware Scan Interface (AMSI), a security feature built into Windows 10/11. Every developer or IT admin who writes VB/PowerShell scripts for Windows should be aware of it.
AMSI is then reverse engineered with tracing tools, IDA and WinDbg.
Finally, the session explains how attackers can bypass AMSI protection and run their malicious scripts.