security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Defense Evastion

Browse Source 
+ Added method to stop event logs
This commit is contained in:
Michael Haag
2018-01-02 14:54:21 -07:00
parent 54181ad230
commit 6dea66bdec
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Windows/Defense Evasion/Indicator_Removal_on_Host.md
+4
View File
@@ -20,6 +20,10 @@ Clear Application logs
wevtutil cl Application
Stop event logs
Wevtutil.exe sl Security /e:false
## Fsutil
Manages the update sequence number (USN) change journal, which provides a persistent log of all changes made to files on the volume.