public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-07-27 12:42:19 +02:00
Code Issues Projects Releases Wiki Activity

Adding Windows 11 reference to missed-out executables

Browse Source
This commit is contained in:
Wietze
2021-12-14 16:57:56 +00:00
parent 6793a7d238
commit e51caad3dd
4 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
yml/OSBinaries/Tttracer.yml
View File

@@ -10,14 +10,14 @@ Commands:
Category: Execute
Privileges: Administrator
MitreID: T1127
OperatingSystem: Windows 10 1809 and newer
OperatingSystem: Windows 10 1809 and newer, Windows 11
- Command: TTTracer.exe -dumpFull -attach pid
Description: Dumps process using tttracer.exe. Requires administrator privileges
Usecase: Dump process by PID
Category: Dump
Privileges: Administrator
MitreID: T1003
OperatingSystem: Windows 10 1809 and newer
OperatingSystem: Windows 10 1809 and newer, Windows 11
Full_Path:
- Path: C:\Windows\System32\tttracer.exe
- Path: C:\Windows\SysWOW64\tttracer.exe