security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5f848fe2c19d948c3ef18f2becedf335fdff3c8e
atomic-red-team/Windows/Discovery/System_Service_Discovery.md
T
Michael Haag c121d1539b Format Updates + System Service Discovery 
+ Updated format to Discovery md files
+ Added System Service Discovery
2017-11-21 12:16:00 -08:00

37 lines
408 B
Markdown
Raw Blame History

## System Service Discovery
MITRE ATT&CK Technique: [T1007](https://attack.mitre.org/wiki/Technique/T1007)
## Tasklist.exe
Input:
tasklist.exe
## sc.exe
Input:
sc query
Input:
sc query state= all
Start/Stop a service
sc start <service name>
Stop:
sc stop <service name>
GUI:
services.msc
## WMIC.exe
wmic service where (displayname like "%<whatever>%") get name
Reference in New Issue View Git Blame Copy Permalink