Update Auditpol.yml

M-khalifa1 2024-02-24 17:40:07 +03:00 committed by GitHub
parent bbb3ec045d
commit 4f1e368b90
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

@ -1,10 +1,10 @@
---
Name: Auditpol.exe
Description: a command-line tool that allows users to query and set audit policies on Windows systems.
Author: Mahmoud Khalifa
Author: 'Mahmoud Khalifa'
Created: 2024-2-24
Commands:
Command: auditpol /set /subcategory:"System Integrity" /success:disable /failure:disable
- Command: auditpol /set /subcategory:"System Integrity" /success:disable /failure:disable
Description: Disables auditing for system integrity, which is crucial for monitoring and ensuring the integrity of security features and the operating system.
Usecase: modify the audit configuration silently and disable or alter important parameters, preventing the creation or recording of Event Logs.
Category: Execute
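Review bot: `Category: Execute` on the Commands entry does not match its own Usecase, which describes silently modifying the audit configuration so that Event Logs are not created or recorded; the command shown only changes policy with `auditpol /set` and does not launch anything. Pick the category that reflects audit-policy tampering so the entry is filed where defenders look for log-suppression techniques. Two smaller points in the same hunk: `Created: 2024-2-24` should be zero-padded as `2024-02-24`, and the top-level `Description` should start with a capital letter.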
@ -34,5 +34,4 @@ Resources:
- Link: https://help.fortinet.com/fsiem/Public_Resource_Access/7_1_1/rules/PH_RULE_Suspicious_Auditpol_Usage.htm
Acknowledgement:
- Person: Mahmoud Khalifa
Handle: N/A
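Review bot: `Handle: N/A` at the end of the Acknowledgement block stores a placeholder as a literal string, so anything that renders or links handles will show "N/A" as if it were one. Leave the value empty or drop the key when the contributor has no handle.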