This code is based on the xml-parser here: https://github.com/segmentio/xml-parser. Please see that page for details of the JSON output. The parse function takes an ...
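As an added example of the parsing style that project uses (this is the editor's own port, not the page's code and not segmentio/xml-parser itself), the following regex-driven parser turns a small XML document into the same JSON shape that project documents: `{declaration: {attributes}, root: {name, attributes, children, content}}`. The DOCTYPE refusal, the closing-tag name check and the `MAX_DEPTH` cap are hardening assumed and added here; the upstream parser does none of them.

```javascript
// Added example (editor's own port, not the page's code nor segmentio/xml-parser
// itself): a small regex-driven XML-to-JSON parser in the same style. The output
// shape {declaration: {attributes}, root: {name, attributes, children, content}}
// follows what segmentio/xml-parser documents; the DOCTYPE rejection, the closing
// tag name check and the nesting-depth cap are hardening added here.
'use strict';

const MAX_DEPTH = 64; // assumption: generous for real documents, low enough to stop stack exhaustion

function parseXml(input) {
  if (typeof input !== 'string') throw new TypeError('parseXml expects a string');
  let xml = input.trim().replace(/<!--[\s\S]*?-->/g, '');

  // This parser knows nothing about entities, so any DOCTYPE (internal subset or
  // external reference, the carriers of XXE and entity-expansion attacks) is
  // refused outright instead of being skipped over.
  if (/<!DOCTYPE/i.test(xml)) throw new Error('DOCTYPE declarations are not supported');

  // Consume a regex match at the head of the remaining input, or return null.
  function match(re) {
    const m = xml.match(re);
    if (!m) return null;
    xml = xml.slice(m[0].length);
    return m;
  }
  const eos = () => xml.length === 0;
  const is = (prefix) => xml.startsWith(prefix);

  // name="value", name='value' or bare name=value; quotes are stripped, no entity decoding.
  function attribute() {
    const m = match(/^([\w:.-]+)\s*=\s*("[^"]*"|'[^']*'|\w+)\s*/);
    return m ? { name: m[1], value: m[2].replace(/^['"]|['"]$/g, '') } : null;
  }

  // <?xml version="1.0" ...?> becomes {attributes: {...}}; undefined when absent.
  function declaration() {
    if (!match(/^<\?xml\s*/)) return undefined;
    const node = { attributes: {} };
    while (!(eos() || is('?>'))) {
      const attr = attribute();
      if (!attr) break;
      node.attributes[attr.name] = attr.value;
    }
    match(/^\?>\s*/);
    return node;
  }

  // <name attr=...>content<child/>...</name>; recursion depth is bounded.
  function tag(depth) {
    const m = match(/^<([\w:.-]+)\s*/);
    if (!m) return null;
    if (depth > MAX_DEPTH) throw new Error('nesting deeper than ' + MAX_DEPTH + ' levels');
    const node = { name: m[1], attributes: {}, children: [], content: '' };
    while (!(eos() || is('>') || is('/>'))) {
      const attr = attribute();
      if (!attr) break;
      node.attributes[attr.name] = attr.value;
    }
    if (match(/^\/>\s*/)) return node;                      // self-closing element
    if (!match(/^>\s*/)) throw new Error('malformed start tag <' + node.name + '>');
    node.content = match(/^[^<]*/)[0];                       // text before the first child
    let child;
    while ((child = tag(depth + 1)) !== null) node.children.push(child);
    const close = match(/^<\/([\w:.-]+)>\s*/);
    if (!close || close[1] !== node.name) {
      throw new Error('missing or mismatched closing tag for <' + node.name + '>');
    }
    return node;
  }

  const doc = { declaration: declaration(), root: tag(0) };
  if (doc.root === null) throw new Error('no root element found');
  if (!eos()) throw new Error('unexpected trailing content: ' + xml.slice(0, 20));
  return doc;
}

// Constructed sample document for the usage below.
const SAMPLE_XML =
  '<?xml version="1.0" encoding="UTF-8"?>\n' +
  '<!-- constructed sample -->\n' +
  '<users>\n' +
  "  <user id=\"7\" role='admin'>Alice</user>\n" +
  '  <user id="8"/>\n' +
  '</users>';

console.log(JSON.stringify(parseXml(SAMPLE_XML), null, 2));
```

The three added checks are the ones a reviewer would ask for before pointing such a parser at untrusted input: a parser with no entity table must not accept a DOCTYPE at all, a mismatched closing tag should fail loudly rather than silently re-parent content, and recursion on element depth needs a ceiling so a few kilobytes of `<a><a><a>...` cannot exhaust the stack. Like the upstream parser, this port decodes no character entities and does not handle CDATA or processing instructions other than the XML declaration.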
description: The following analytic detects tampering with AMSI (Antimalware Scan Interface) via PowerShell reflection. It uses PowerShell Script Block Logging (EventCode=4104) to capture and ...
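The detection idea described above, run over constructed Script Block Logging events, as an added example (the editor's JavaScript, not the analytic's own SPL or any Splunk-provided code). The event field names (`EventCode`, `Computer`, `UserID`, `ScriptBlockId`, `ScriptBlockText`) mirror the Windows PowerShell/Operational 4104 record; the two indicator lists and the normalization steps are assumptions made here about what reflection-based AMSI tampering looks like in a logged script block, not the analytic's exact search terms.

```javascript
// Added example (editor's own code, not the analytic's SPL nor any Splunk
// content): the detection idea run over constructed Script Block Logging
// events. Field names mirror the Windows PowerShell/Operational 4104 record;
// the indicator lists are this example's assumptions about what reflection-based
// AMSI tampering looks like in a script block, not the analytic's exact terms.
'use strict';

// Strings that point at the AMSI internals an in-memory bypass has to touch.
const AMSI_TARGETS = ['amsiutils', 'amsiinitfailed', 'amsicontext', 'amsisession'];
// Reflection calls used to reach private members from PowerShell.
const REFLECTION_MARKERS = ['getfield', 'setvalue', 'nonpublic'];

// Undo two cheap source-level tricks before matching: backtick escapes inside
// strings ('Am`si' -> 'Amsi') and literal concatenation ('Am'+'si' -> 'Amsi').
// Script Block Logging records the block as written, so these survive into the log.
function normalizeScriptBlock(text) {
  return text.replace(/`/g, '').replace(/['"]\s*\+\s*['"]/g, '').toLowerCase();
}

// Returns a finding for a 4104 event whose script block references AMSI
// internals through reflection, or null otherwise.
function detectAmsiReflectionTamper(event) {
  if (Number(event.EventCode) !== 4104 || typeof event.ScriptBlockText !== 'string') return null;
  const text = normalizeScriptBlock(event.ScriptBlockText);
  const targets = AMSI_TARGETS.filter((t) => text.includes(t));
  const markers = REFLECTION_MARKERS.filter((m) => text.includes(m));
  if (targets.length === 0 || markers.length === 0) return null; // both families required
  return {
    computer: event.Computer,
    user: event.UserID,
    scriptBlockId: event.ScriptBlockId,
    indicators: targets.concat(markers),
  };
}

function runDetection(events) {
  return events.map(detectAmsiReflectionTamper).filter((f) => f !== null);
}

// Constructed sample events. The bypass text in b2 and b3 is the widely
// published [Ref].Assembly AmsiUtils technique, quoted here only as detection input.
const SAMPLE_EVENTS = [
  { EventCode: 4104, Computer: 'WS01', UserID: 'S-1-5-21-1-2-3-1001', ScriptBlockId: 'b1',
    ScriptBlockText: 'Get-Process | Where-Object { $_.CPU -gt 100 }' },
  { EventCode: 4104, Computer: 'WS01', UserID: 'S-1-5-21-1-2-3-1001', ScriptBlockId: 'b2',
    ScriptBlockText: "[Ref].Assembly.GetType('System.Management.Automation.AmsiUtils')" +
      ".GetField('amsiInitFailed','NonPublic,Static').SetValue($null,$true)" },
  // Same technique with string splitting and a backtick escape in the type name.
  { EventCode: 4104, Computer: 'WS02', UserID: 'S-1-5-21-1-2-3-1002', ScriptBlockId: 'b3',
    ScriptBlockText: "[Ref].Assembly.GetType('System.Management.Automation.'+'Am`si'+'Utils')" +
      ".GetField('amsiInit'+'Failed','Non'+'Public,Static').SetValue($null,$true)" },
  // Reflection on a private field that has nothing to do with AMSI: no finding.
  { EventCode: 4104, Computer: 'WS03', UserID: 'S-1-5-21-1-2-3-1003', ScriptBlockId: 'b4',
    ScriptBlockText: "[System.Console].GetField('_out','NonPublic,Static').GetValue($null)" },
  // Same bypass text but from module logging (4103): out of scope for this analytic.
  { EventCode: 4103, Computer: 'WS04', UserID: 'S-1-5-21-1-2-3-1004', ScriptBlockId: 'b5',
    ScriptBlockText: "[Ref].Assembly.GetType('System.Management.Automation.AmsiUtils')" +
      ".GetField('amsiInitFailed','NonPublic,Static')" },
];

for (const finding of runDetection(SAMPLE_EVENTS)) {
  console.log(`AMSI tampering via reflection on ${finding.computer} by ${finding.user}: ` +
    finding.indicators.join(', '));
}
```

Two caveats a practitioner should keep in mind. Script Block Logging must actually be enabled (the "Turn on PowerShell Script Block Logging" policy), or there are no 4104 events to search. And plain string matching only catches obfuscation it has been taught to undo: Base64, character-code or format-operator encoding of the same payload will pass this check, although when such a payload is later executed through `Invoke-Expression` the decoded text is compiled as its own script block and logged as a separate 4104 event, where the same match applies. Tampering that patches amsi.dll in memory through P/Invoke rather than reflection is a different technique and is not what this analytic is designed to catch.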