Utilities/scripts/files to assist emulation of MITRE ATT&CK / PRE-ATT&CK prepared by Myo Soe

yehgdotnet/attack

Welcome

This repo hosts utilities/scripts/files to assist emulation of MITRE ATT&CK / PRE-ATT&CK.

Web tools

Command-line tools

  • rtl/rtl.go - Generate a spoofed file extension with the right-to-left override character.
    • Usage: go run rtl.go -src benign.exe -ext PDF (will copy benign.exe to benignexe.pdf)
  • rtl/rtl_avbypass.go - Generate a spoofed file extension with the right-to-left override character, using an AV bypass timer approach.
  • masquerader - Simulate execution of an untrusted binary under the disguise of Windows binary names.
  • file-read - Simulate execution of a file read access operation.
  • http-poster - Simulate execution of a binary posting data to HTTP servers.

Files

  • r2l-benignexe-pdf.zip - benign.exe spoofed as a PDF file using the right-to-left override character
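
A defender-side check for the extension spoofing emulated above, as an added example that is not part of this repository: it flags file names containing Unicode bidirectional control characters and reports the real extension next to the one a user would read. The names Inspect, Finding and strip and the sample file names are constructed for illustration, and the displayed form is approximated for a single U+202E only.

```go
package main

import (
	"fmt"
	"path/filepath"
	"strings"
)

// Unicode bidirectional control characters that can reorder a displayed name.
const bidiControls = "\u202A\u202B\u202C\u202D\u202E\u2066\u2067\u2068\u2069"
const rlo = "\u202E" // RIGHT-TO-LEFT OVERRIDE

// Finding describes a name whose displayed form can differ from the real one.
type Finding struct {
	RealExt   string // extension the operating system acts on
	Displayed string // approximate rendering in a bidi-aware file listing
	ShownExt  string // extension a user would read
}

// strip removes bidi control characters from s.
func strip(s string) string {
	return strings.Map(func(r rune) rune {
		if strings.ContainsRune(bidiControls, r) {
			return -1
		}
		return r
	}, s)
}

// Inspect flags names with bidi controls; text after the first RLO is reversed.
func Inspect(name string) (Finding, bool) {
	if !strings.ContainsAny(name, bidiControls) {
		return Finding{}, false
	}
	head, tail, _ := strings.Cut(name, rlo)
	rev := []rune(strip(tail))
	for i, j := 0, len(rev)-1; i < j; i, j = i+1, j-1 {
		rev[i], rev[j] = rev[j], rev[i]
	}
	shown := strip(head) + string(rev)
	return Finding{RealExt: strings.ToLower(filepath.Ext(name)), Displayed: shown,
		ShownExt: strings.ToLower(filepath.Ext(shown))}, true
}

func main() {
	for _, n := range []string{"report.pdf", "benign\u202Efdp.exe"} { // constructed samples
		if f, hit := Inspect(n); hit {
			fmt.Printf("%q: runs as %s, displays as %q (%s)\n", n, f.RealExt, f.Displayed, f.ShownExt)
		}
	}
}
```

A hit where RealExt and ShownExt differ is the case worth alerting on; any bidi control in a file name is unusual enough to log on its own.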

Contact

@cyberseckb
