Sign PowerShell Scripts With An Enterprise PKI

PowerShell Execution Policy¬†can be used as a control policy, to protect the administrators, or even the users, from accidental script execution. Do not think of it as a security measure, because it will not protect you from copy/paste the content of any script in the command line or run each script command by hand. The … Continue reading Sign PowerShell Scripts With An Enterprise PKI

Antimalware Scan Interface

PowerShell version 5.0 and later includes a low-level programming API designed just for anti-malware scanners. The AntiMalware Scan Interface (AMSI) allows AMSI capable scanners to examine PowerShell code, even when the code is Base64-encoded. AMSI works also with WSCRIPT executables (VBScript, Jscript). from Microsoft: The Antimalware Scan Interface (AMSI) is a generic interface standard that … Continue reading Antimalware Scan Interface