security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1663bf7d524b6fc8a9a39104feb2949b36368dfc
atomic-red-team/atomics/T1214/T1214.yaml
T
Carrie Roberts 1bfefdacfc Add elevated (#542) 
* provide elevation_required attribute

* provide elevation_required attribute

* provide elevation_required attribute
2019-09-03 07:34:42 -06:00

19 lines
417 B
YAML
Raw Blame History

---
attack_technique: T1214
display_name: Credentials in Registry
atomic_tests:
- name: Enumeration for Credentials in Registry
description: |
Queries to enumerate for credentials in the Registry.
supported_platforms:
- windows
executor:
name: command_prompt
elevation_required: false
command: |
reg query HKLM /f password /t REG_SZ /s
reg query HKCU /f password /t REG_SZ /s
Reference in New Issue View Git Blame Copy Permalink