security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
533e27193fcdff5782f989b8739cf2b4a9d2e015
atomic-red-team/Windows/Exfiltration/Data_Compressed.md
T
Michael Haag 66c37e8b53 Evasion and exfil 
+ Added wevtutil and fsutil per what was used recently by BadBuddy Ransomware.
+ Added 2 ways to compress data with Powershell and rar.
2017-10-31 12:56:52 -07:00

245 B
Raw Blame History

File Deletion

MITRE ATT&CK Technique: T1002

PowerShell

powershell.exe dir c:\* -Recurse | Compress-Archive -DestinationPath C:\test\Data.zip

Rar

rar a -r exfilthis.rar *.docx
Reference in New Issue View Git Blame Copy Permalink