Identify ASR rules, actions, and exclusion locations
Thanks to EspressoCake
$ make all
- load cna
- initial script
beacon> inlineExecuteAssembly --dotnetassembly C:\Tools\ASRenum.exe
beacon> bofnet_executeassembly ASRenum
Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations
C++
Identify ASR rules, actions, and exclusion locations
Thanks to EspressoCake
$ make all
beacon> inlineExecuteAssembly --dotnetassembly C:\Tools\ASRenum.exe
beacon> bofnet_executeassembly ASRenum