swisskyrepo
/
InternalAllTheThings
mirror of https://github.com/swisskyrepo/InternalAllTheThings.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SOCIAL - Cards

pull/2/head
Swissky 2023-12-24 14:06:55 +01:00
parent ad1fbb915c
commit f6e1cd810c
3 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.github/workflows/ci.yml vendored
View File

@ -20,4 +20,5 @@ jobs:
- run: pip install mkdocs-material - run: pip install mkdocs-material
- run: pip install mkdocs-git-revision-date-localized-plugin - run: pip install mkdocs-git-revision-date-localized-plugin
- run: pip install mkdocs-git-committers-plugin - run: pip install mkdocs-git-committers-plugin
- run: pip install mkdocs-material[imaging]
- run: mkdocs gh-deploy --force - run: mkdocs gh-deploy --force

6
docs/redteam/evasion/windows-defenses.md
View File

@ -302,11 +302,11 @@ The most common bypassing technique is patching the function `EtwEventWrite` whi
> Attack Surface Reduction (ASR) refers to strategies and techniques used to decrease the potential points of entry that attackers could use to exploit a system or network. > Attack Surface Reduction (ASR) refers to strategies and techniques used to decrease the potential points of entry that attackers could use to exploit a system or network.
```ps1 ```ps1
Add-MpPreference -AttackSurfaceReductionRules_Ids 9e6c4e1f-7d60-472f-ba1a-a39ef669e4b2 -AttackSurfaceReductionRules_Actions AuditMode Add-MpPreference -AttackSurfaceReductionRules_Ids <Id> -AttackSurfaceReductionRules_Actions AuditMode
Add-MpPreference -AttackSurfaceReductionRules_Ids 9e6c4e1f-7d60-472f-ba1a-a39ef669e4b2 -AttackSurfaceReductionRules_Actions Enabled Add-MpPreference -AttackSurfaceReductionRules_Ids <Id> -AttackSurfaceReductionRules_Actions Enabled
``` ```
| Description | Ids | | Description | Id |
|---------------------------------------------------------------------------|--------------------------------------| |---------------------------------------------------------------------------|--------------------------------------|
| Block execution of potentially obfuscated scripts | 5beb7efe-fd9a-4556-801d-275e5ffc04cc | | Block execution of potentially obfuscated scripts | 5beb7efe-fd9a-4556-801d-275e5ffc04cc |
| Block JavaScript or VBScript from launching downloaded executable content | d3e037e1-3eb8-44c8-a917-57927947596d | | Block JavaScript or VBScript from launching downloaded executable content | d3e037e1-3eb8-44c8-a917-57927947596d |

7
mkdocs.yml
View File

@ -40,11 +40,12 @@ markdown_extensions:
- pymdownx.snippets - pymdownx.snippets
- attr_list - attr_list
- pymdownx.emoji: - pymdownx.emoji:
emoji_index: !!python/name:materialx.emoji.twemoji emoji_index: !!python/name:material.extensions.emoji.twemoji
emoji_generator: !!python/name:materialx.emoji.to_svg emoji_generator: !!python/name:material.extensions.emoji.to_svg
repo_url: https://github.com/swisskyrepo/InternalAllTheThings/ repo_url: https://github.com/swisskyrepo/InternalAllTheThings/
edit_uri: edit/master/ edit_uri: edit/master/
plugins: plugins:
- search - search
- git-revision-date-localized - git-revision-date-localized
- social