InsecurePowerShellHost

InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core v6.0.0 with key security features removed.

Stars
30
Committers
2
View Code on GitHub Visit Website
Ecosystems: PowerShell, .NET

Bot releases are hidden (Show)

InsecurePowerShellHost - InsecurePowerShellHost-v6.0.0-rc.2 Latest Release

Published by cobbr almost 7 years ago

InsecurePowerShellHost

InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core with key security features removed.

InsecurePowerShell

InsecurePowershell is a fork of PowerShell Core v6.0.0, with key security features removed. InsecurePowerShell removes the following security features from PowerShell:

  • AMSI - InsecurePowerShell does not submit any PowerShell code to the AMSI, even when there is an actively listening AntiMalware Provider.
  • PowerShell Logging - InsecurePowerShell disables ScriptBlockLogging, Module Logging, and Transcription Logging. Even if they are enabled in Group Policy, these settings are ignored.
  • LanguageModes - InsecurePowerShell always runs PowerShell code in FullLanguage mode. Attempting to set InsecurePowerShell to alternative LanguageModes, such as ConstrainedLanguage mode or RestrictedLanguage mode does not take any affect.
  • ETW - InsecurePowerShell does not utilize ETW (Event Tracing for Windows).

More details are available here.

Related Projects
windows_hardening

HardeningKitty and Windows Hardening Settings

23 Oct 2017 2,331
PSReadLine

A bash inspired readline implementation for PowerShell

13 May 2013 3,595
PowerShell

PowerShell for every system!

13 Jan 2016 43,213
Applocker-Hardening

Ultimate Applocker Hardening Configuration Script.

19 Nov 2020 25
ruby-pwsh

A ruby gem for interacting with PowerShell

05 Sep 2019 15
Powershell-networking-tool

This is the Powershell version of my CMD networking tool.

27 May 2023 1
bypass-clm

PowerShell Constrained Language Mode Bypass

29 Jan 2021 218
PowerShell-Docker

Repository for building PowerShell Docker images

23 May 2018 414
Fuck-Windows-Security

A PowerShell malware that disables all the Windows Security features with UAC Bypass and Anti-VM ...

30 Jun 2024 17
hunt-detect-prevent

Lists of sources and utilities utilized to hunt, detect and prevent evildoers.

11 Jan 2017 157
Windows-Defender-Application-Control-Hardening

Harden Windows with Windows Defender Application Control (WDAC)

17 Dec 2020 30
PSResourceGet

PSResourceGet is the package manager for PowerShell

18 Mar 2020 486
PowerShdll

Run PowerShell with rundll32. Bypass software restrictions.

15 Jul 2016 1,747
win-web-setup

Instructions to setup and configure dev tools on windows

07 May 2023 5
Windows-On-Reins

Wor is a Powershell script to harden, debloat, optimize, enhance privacy, avoid fingerprinting an...

22 Nov 2017 397