Atomic Red Team doc generator
14 lines
550 B
YAML
14 lines
550 B
YAML
attack_technique: T1553.006
|
|
display_name: 'Subvert Trust Controls: Code Signing Policy Modification'
|
|
atomic_tests:
|
|
- name: Code Signing Policy Modification
|
|
auto_generated_guid: bb6b51e1-ab92-45b5-aeea-e410d06405f8
|
|
description: Allows adversaries to subvert trust controls by modifying the code signing policy, enabling the execution of unsigned drivers.
|
|
supported_platforms:
|
|
- windows
|
|
executor:
|
|
command: bcdedit /set testsigning on
|
|
cleanup_command: bcdedit /set testsigning off
|
|
name: command_prompt
|
|
elevation_required: true
|