InsecurePowerShellHost

InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core with key security features removed.

InsecurePowerShell

InsecurePowershell is a fork of PowerShell Core v6.0.0, with key security features removed. InsecurePowerShell removes the following security features from PowerShell:

AMSI - InsecurePowerShell does not submit any PowerShell code to the AMSI, even when there is an actively listening AntiMalware Provider.
PowerShell Logging - InsecurePowerShell disables ScriptBlockLogging, Module Logging, and Transcription Logging. Even if they are enabled in Group Policy, these settings are ignored.
LanguageModes - InsecurePowerShell always runs PowerShell code in FullLanguage mode. Attempting to set InsecurePowerShell to alternative LanguageModes, such as ConstrainedLanguage mode or RestrictedLanguage mode does not take any affect.
ETW - InsecurePowerShell does not utilize ETW (Event Tracing for Windows).

More details are available here.

Name		Name	Last commit message	Last commit date
Latest commit History 3 Commits
InsecurePowerShellHost		InsecurePowerShellHost
.gitattributes		.gitattributes
.gitignore		.gitignore
InsecurePowerShellHost.sln		InsecurePowerShellHost.sln
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

InsecurePowerShellHost

InsecurePowerShell

About

Releases 1

Packages

Languages

cobbr/InsecurePowerShellHost

Folders and files

Latest commit

History

Repository files navigation

InsecurePowerShellHost

InsecurePowerShell

About

Topics

Resources

Stars

Watchers

Forks

Releases 1

Packages 0

Languages

Packages