Credential_Access/Hooking

2018-04-24 10:17:42 -04:00
parent 1880f27b14
commit 7ef84e4815
3 changed files with 16 additions and 4 deletions
@@ -0,0 +1,12 @@
+## Hooking
+
+MITRE ATT&CK Technique: [T1179](https://attack.mitre.org/wiki/Technique/T1179)
+
+### Sample Windows DLL Injection into PowerShell
+
+     mavinject $pid /INJECTRUNNING C:\Atomic\AtomicSSLHook.dll
+  
+## Test Script
+
+[AtomicSSLHook.dll](https://github.com/redcanaryco/atomic-red-team/blob/master/Windows/Payloads/AtomicSSLHook.dll)
+