security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
22d7cdcec8a5a9227ee4e7d2096d7a0488bb229c
atomic-red-team/Windows/Exfiltration/Data_Compressed.md
T
Michael Haag 66c37e8b53 Evasion and exfil 
+ Added wevtutil and fsutil per what was used recently by BadBuddy Ransomware.
+ Added 2 ways to compress data with Powershell and rar.
2017-10-31 12:56:52 -07:00

12 lines
245 B
Markdown
Raw Blame History

# File Deletion
MITRE ATT&CK Technique: [T1002](https://attack.mitre.org/wiki/Technique/T1002)
## PowerShell
powershell.exe dir c:\* -Recurse | Compress-Archive -DestinationPath C:\test\Data.zip
## Rar
rar a -r exfilthis.rar *.docx
Reference in New Issue View Git Blame Copy Permalink