public static AMSIClient Create(AMSIClientConfiguration configuration) { if (IsAvailable()) { return(new AMSIClient(configuration)); } throw AMSIException.AMSINotFound; }
AMSIClient(AMSIClientConfiguration configuration) { Configuration = configuration; DetectionEngine = configuration.DetectionEngine; using (var process = Process.GetCurrentProcess()) { var result = AMSIMethods.AmsiInitialize( Name = $"{AppDomain.CurrentDomain.FriendlyName} ({ProcessID = process.Id})", out ContextHandle); result.CheckResult(nameof(AMSIMethods.AmsiInitialize)); ContextHandle.CheckHandle(); } }
/// <summary> /// /// </summary> /// <param name="configuration">AMSI client configuration</param> /// <param name="scanRetryAttempts"> /// Scan that ends up with application exception will be repeated /// until correct result is received or max number of attempts is reached</param> /// <param name="scanRetryAttemptDelay"> If ScanRetryMaxAttempts is enabled, /// this delay is applied between attempts</param> public Scan(AMSIClientConfiguration configuration, int?scanRetryAttempts, TimeSpan scanRetryAttemptDelay) { Configuration = configuration; ScanRetryAttempts = scanRetryAttempts; ScanRetryAttemptDelay = scanRetryAttemptDelay; }