security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5f848fe2c19d948c3ef18f2becedf335fdff3c8e
atomic-red-team/Windows/Discovery/Security_Software_Discovery.md
T
Michael Haag 29cf36761a Mac Discovery 
Added many techniques to Discovery for Mac
2018-01-09 14:53:47 -07:00

39 lines
612 B
Markdown
Raw Blame History

# Security Software Discovery
MITRE ATT&CK Technique: [T1063](https://attack.mitre.org/wiki/Technique/T1063)
### netsh
netsh.exe advfirewall firewall show all profiles
### tasklist
Input:
tasklist.exe
Input:
tasklist.exe | findstr virus
Input:
tasklist.exe | findstr cb
Input:
tasklist.exe | findstr defender
### PowerShell
powershell.exe get-process | ?{$_.Description -like "*virus*"}
#### CarbonBlack
powershell.exe get-process | ?{$_.Description -like "*carbonblack*"}
#### Windows Defender
powershell.exe get-process | ?{$_.Description -like "*defender*"}
Reference in New Issue View Git Blame Copy Permalink