Terminator is a PowerShell script that terminates protected processes, such as anti-malware and EDR processes,
through the gmer driver.
- in-memory
- HVCI bypass
<#
----------------------------
Terminator
github : github.com/xiosec
twitter: twitter.com/xiosec
----------------------------
* Arguments
* -ServiceName
* -ProcName
* -ProcId
* -driverPath
#>
Invoke-Terminator -ServiceName terminator -ProcName MsMpEng
In this example, we kill the MsMpEng process, which is related to the antimalware service.
Released under GPL-3.0 by @xiosec