Merge pull request #272 from swelcher/T1081revised

T1081 Added notes about additional modules being needed for Mimikatz etc
2018-06-27 07:19:34 -04:00
parent 1d9f22986e 11a5c061ab
commit 56043e07fd
1 changed files with 39 additions and 0 deletions
@@ -14,3 +14,42 @@ atomic_tests:
    name: sh
    command: |
      python2 laZagne.py all
+
+- name: Extract credentials from files
+  description: |
+    Extracting credentials from files
+  input_arguments:
+    file_path:
+      description: Path to search
+      type: String
+      default: /
+  supported_platforms:
+    - macos
+    - linux
+  executor:
+    name: sh
+    command: |
+      grep -riP password #{file_path}
+
+- name: Mimikatz & Kittenz
+  description: |
+    Mimikatz/kittenz - This will require a Mimikatz executable or invoke-mimikittenz ps module.
+  supported_platforms:
+    - windows
+  executor:
+    name: powershell
+    command: |
+      invoke-mimikittenz
+      mimikatz.exe
+
+- name: Extracting credentials from files
+  description: |
+    Extracting Credentials from Files
+  supported_platforms:
+    - windows
+  executor:
+    name: powershell
+    command: |
+      findstr /si pass *.xml | *.doc | *.txt | *.xls
+      ls -R | select-string -Pattern password
+