InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core v6.0.0 with key security features removed.
InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core with key security features removed.
InsecurePowershell is a fork of PowerShell Core v6.0.0, with key security features removed. InsecurePowerShell removes the following security features from PowerShell:
InsecurePowerShell does not submit any PowerShell code to the AMSI, even when there is an actively listening AntiMalware Provider.InsecurePowerShell disables ScriptBlockLogging, Module Logging, and Transcription Logging. Even if they are enabled in Group Policy, these settings are ignored.InsecurePowerShell always runs PowerShell code in FullLanguage mode. Attempting to set InsecurePowerShell to alternative LanguageModes, such as ConstrainedLanguage mode or RestrictedLanguage mode does not take any affect.InsecurePowerShell does not utilize ETW (Event Tracing for Windows).More details are available here.