2024-04-27 12:38:14 -05:00
|
|
|
attack_technique: T1003
|
|
|
|
|
display_name: OS Credential Dumping
|
|
|
|
|
atomic_tests:
|
|
|
|
|
- name: Gsecdump
|
2024-07-10 08:54:26 -05:00
|
|
|
auto_generated_guid:
|
2024-04-27 12:38:14 -05:00
|
|
|
description: |
|
|
|
|
|
Dump credentials from memory using Gsecdump.
|
|
|
|
|
supported_platforms:
|
|
|
|
|
- windows
|
|
|
|
|
input_arguments:
|
|
|
|
|
executor:
|
|
|
|
|
command: |
|
|
|
|
|
"#{gsecdump_exe}" -a
|
|
|
|
|
name: command_prompt
|
2024-07-10 08:54:26 -05:00
|
|
|
elevation_required: true
|
