@Neo23x0 Neo23x0 released this Apr 9, 2018 · 5 commits to master since this release

  • Batch mode (-b) to script the simulation runs
  • Bugfixes

@Neo23x0 Neo23x0 released this Feb 24, 2018 · 14 commits to master since this release

  • AVExcluder module: Sets the %APTDIR% as AV exclusion in Windows Defender, McAfee and Symantec

(I have no idea if this works because I do not have the AV products at hand; please verify, correct and report the corrections to me.)


@Neo23x0 Neo23x0 released this Feb 23, 2018 · 16 commits to master since this release

  • Settings in which you can activate & set a random sleep interval between test cases (more realistic)
  • New test case: UserInitMprLogonScript


@Neo23x0 Neo23x0 released this Feb 22, 2018 · 20 commits to master since this release

  • WMI Backdoor test cases in "persistence" and "command-and-control" test sets


@Neo23x0 Neo23x0 released this Feb 21, 2018 · 23 commits to master since this release

  • New menu selection
  • New test case: persistence > Scheduled task creation via PowerShell and XML file


@Neo23x0 Neo23x0 released this Feb 21, 2018 · 26 commits to master since this release

  • Fixed file names of some test cases to match the README description

@Neo23x0 Neo23x0 released this Feb 20, 2018 · 29 commits to master since this release

  • Bugfix: Missing 'credential-access' test set after major refactoring #6

@Neo23x0 Neo23x0 released this Feb 15, 2018 · 32 commits to master since this release


CACTUSTORCH use case:

  • Downloading JS dropper with certutil.exe
  • CACTUSTORCH JS Dropper, running bind shell on port 1234/tcp

Reference: https://github.com/mdsecactivebreach/CACTUSTORCH

Bugfixes:

  • #4
  • #2

@Neo23x0 Neo23x0 released this Feb 8, 2018 · 36 commits to master since this release

  • Added double quotes to path variables to allow paths with spaces

@Neo23x0 Neo23x0 released this Feb 4, 2018 · 52 commits to master since this release

  • Restructured the single APTSimulator.bat file and created test-sets in sub folders based on MITRE ATT&CK matrix
