caseysmithrc
a61dbfbbb5
* Component Object Model Hijacking * Update T1122.yaml * Generate docs from job=validate_atomics_generate_docs branch=Fix-1122-COMHijack
18 lines
391 B
YAML
18 lines
391 B
YAML
---
|
|
attack_technique: T1122
|
|
display_name: Component Object Model Hijacking
|
|
|
|
atomic_tests:
|
|
- name: Component Object Model Hijacking
|
|
description: |
|
|
Hijack COM Object used by certutil.exe
|
|
|
|
supported_platforms:
|
|
- windows
|
|
executor:
|
|
name: command_prompt
|
|
command: |
|
|
reg import ..\src\COMHijack.reg
|
|
certutil.exe -CAInfo
|
|
reg import ..\src\COMHijackCleanup.reg
|