* moving shell script file to /src directory to meet spec.yaml
* fixing path to script in test 2 (just moved file in prior commit)
* fixed newline added a few mins ago
* fixed newline
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
* T1021.006 evil-winrm atomic
* Update T1021.006.yaml
* Update T1021.006.yaml
fixed input args
* Update T1021.006.yaml
added Prereqs for Ruby and moved Evil-WinRM to a Prereq
* Update T1021.006.yaml
removed duplicate description and changed Ctrl + C to exit.
* Updated yaml
updated descriptions for prereqs. removed un-needed "exit" from cleanup_command.
* $env:username replaced
$env:username replaced with $env:Temp to account for when people have who have user profiles in althernative locations than C and also download to TEMP instead of Desktop.
* Removing cleanup_command
Removing cleanup_command as the evil-winrm is a prereq gem. in the future, if a cleanup_prereq_command is implemented this may be worth adding back in(gem uninstall evil-winrm -x).
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
Add a line to include/force TLS1.2 in order for the prereq function to work on win2k16
All the credit to clr2of8 for sending me the string
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
Add a line to include/force TLS1.2 in order for the prereq function to work on win2k16
All the credit to clr2of8 for sending me the string
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
Add a line to include/force TLS1.2 in order for the prereq function to work on win2k16
All the credit to clr2of8 for sending me the string
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
* added a test for evading detection by excluding path from scanning
* added tests for evading process and extesnion scanning
* fixed syntax
* description correction
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
Add a line to include/force TLS1.2 in order for the prereq function to work on win2k16
All the credit to clr2of8 for sending me the string
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
Add a line to include/force TLS1.2 in order for the prereq function to work on win2k16
All the credit to clr2of8 for sending me the string
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
* new atomic test
* new atomic test
* new atomics
* new atomics
* new atomics
* new atomics
* new atomics
Co-authored-by: Patrick Bareiss <pbareib@splunk.com>
JB