security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
22d7cdcec8a5a9227ee4e7d2096d7a0488bb229c
atomic-red-team/Windows/Discovery/System_Service_Discovery.md
T
Michael Haag c121d1539b Format Updates + System Service Discovery 
+ Updated format to Discovery md files
+ Added System Service Discovery
2017-11-21 12:16:00 -08:00

408 B
Raw Blame History

System Service Discovery

MITRE ATT&CK Technique: T1007

Tasklist.exe

Input:

tasklist.exe

sc.exe

Input:

sc query

Input:

sc query state= all

Start/Stop a service

sc start <service name>

Stop:

sc stop <service name>

GUI:

services.msc

WMIC.exe

wmic service where (displayname like "%<whatever>%") get name
Reference in New Issue View Git Blame Copy Permalink