public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-02-28 13:03:15 +01:00
Code Issues Projects Releases Wiki Activity

Update Mofcomp.yml

Browse Source 
Added additional resources for detection via PowerShell etc
This commit is contained in:
Daniel Gott 2022-07-19 13:13:39 -04:00 committed by GitHub
parent a739e57bff
commit 9814c950c8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
yml/OSBinaries/Mofcomp.yml
View File

@ -31,6 +31,8 @@ Resources:
- Link: https://docs.microsoft.com/en-us/windows/win32/wmisdk/mofcomp
- Link: https://docs.microsoft.com/en-us/windows/win32/wmisdk/managed-object-format--mof-
- Link: https://thedfirreport.com/2022/07/11/select-xmrig-from-sqlserver/
- Link: https://in.security/2019/04/03/an-intro-into-abusing-and-identifying-wmi-event-subscriptions-for-persistence/
- Link: https://medium.com/threatpunter/detecting-removing-wmi-persistence-60ccbb7dff96
Acknowledgement:
- Person: Daniel Gott
Handle: '@gott_cyber'