forked from EmpireProject/Empire
-
-
Notifications
You must be signed in to change notification settings - Fork 573
/
sherlock.yaml
36 lines (36 loc) · 964 Bytes
/
sherlock.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
name: Sherlock
authors:
- name: 'Daniel Duggan'
handle: '@_RastaMouse'
link: 'https://twitter.com/_rastamouse'
description: Find Windows local privilege escalation vulnerabilities.
software: ''
tactics: []
techniques:
- T1046
background: true
output_extension:
needs_admin: false
opsec_safe: true
language: powershell
min_language_version: '2'
comments:
- https://github.com/rasta-mouse/Sherlock
options:
- name: Agent
description: Agent to run module on.
required: true
value: ''
- name: OutputFunction
description: PowerShell's output function to use ("Out-String", "ConvertTo-Json", "ConvertTo-Csv", "ConvertTo-Html", "ConvertTo-Xml").
required: false
value: Out-String
strict: false
suggested_values:
- Out-String
- ConvertTo-Json
- ConvertTo-Csv
- ConvertTo-Html
- ConvertTo-Xml
script_path: privesc/Sherlock.ps1
script_end: Find-AllVulns | {{ OUTPUT_FUNCTION }} | %{$_ + "`n"};