Skip to content

/ InsecurePowerShellHost

InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core v6.0.0 with key security features removed.

cobbr.io
25 stars 6 forks
Star
Watch
master
1 branch 1 tag
Go to file
Code

Clone with HTTPS

Use Git or checkout with SVN using the web URL.

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
InsecurePowerShellHost
 
 
.gitattributes
 
 
.gitignore
 
 
InsecurePowerShellHost.sln
 
 
README.md
 
 

README.md

InsecurePowerShellHost

InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core with key security features removed.

InsecurePowerShell

InsecurePowershell is a fork of PowerShell Core v6.0.0, with key security features removed. InsecurePowerShell removes the following security features from PowerShell:

  • AMSI - InsecurePowerShell does not submit any PowerShell code to the AMSI, even when there is an actively listening AntiMalware Provider.
  • PowerShell Logging - InsecurePowerShell disables ScriptBlockLogging, Module Logging, and Transcription Logging. Even if they are enabled in Group Policy, these settings are ignored.
  • LanguageModes - InsecurePowerShell always runs PowerShell code in FullLanguage mode. Attempting to set InsecurePowerShell to alternative LanguageModes, such as ConstrainedLanguage mode or RestrictedLanguage mode does not take any affect.
  • ETW - InsecurePowerShell does not utilize ETW (Event Tracing for Windows).

More details are available here.

About

InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core v6.0.0 with key security features removed.

cobbr.io

Topics

powershell powershell-core dotnet-core dotnet-core2

Resources

Readme

Releases 1

InsecurePowerShellHost-v6.0.0-rc.2 Latest
Dec 19, 2017

Packages

No packages published

Languages

You can’t perform that action at this time.