Discovery Updates
+ More Tasklist.exe adds + Modified file directory listing to be recursive.ChainReactions
parent
61d4797e64
commit
407c84b6f5
|
@ -6,7 +6,7 @@ MITRE ATT&CK Technique: [T1083](https://attack.mitre.org/wiki/Technique/T1083)
|
|||
|
||||
Input:
|
||||
|
||||
dir c:\ >> %temp%\download
|
||||
dir "c:\Documents and Settings" >> %temp%\download
|
||||
dir "c:\Program Files\" >> %temp%\download
|
||||
dir d:\ >> %temp%\download
|
||||
dir /s c:\ >> %temp%\download
|
||||
dir /s "c:\Documents and Settings" >> %temp%\download
|
||||
dir /s "c:\Program Files\" >> %temp%\download
|
||||
dir /s d:\ >> %temp%\download
|
||||
|
|
|
@ -4,12 +4,26 @@ MITRE ATT&CK Technique: [T1018](https://attack.mitre.org/wiki/Technique/T1063)
|
|||
|
||||
### netsh
|
||||
|
||||
netsh.exe advfirewall firewall
|
||||
netsh.exe advfirewall firewall show all profiles
|
||||
|
||||
### tasklist
|
||||
|
||||
Input:
|
||||
|
||||
tasklist.exe
|
||||
|
||||
Input:
|
||||
|
||||
tasklist.exe | findstr virus
|
||||
|
||||
Input:
|
||||
|
||||
tasklist.exe | findstr cb
|
||||
|
||||
Input:
|
||||
|
||||
tasklist.exe | findstr defender
|
||||
|
||||
|
||||
### PowerShell
|
||||
|
||||
|
|
Loading…
Reference in New Issue