security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
aaa7105a42b6f64e4dedec6f95fd1341cbc13a49
atomic-red-team/Windows/Discovery/Security_Software_Discovery.md
T
Michael Haag 976f3ba40f Adds 
Security software discovery
system time discovery
2017-11-01 16:02:40 -07:00

460 B
Raw Blame History

Security Software Discovery

MITRE ATT&CK Technique: T1018

netsh

netsh.exe advfirewall firewall

tasklist

tasklist.exe

PowerShell

powershell.exe get-process | ?{$_.Description -like "*virus*"}

CarbonBlack

powershell.exe get-process | ?{$_.Description -like "*carbonblack*"}

Windows Defender

powershell.exe get-process | ?{$_.Description -like "*defender*"}
Reference in New Issue View Git Blame Copy Permalink