You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
T1106-1 Execution through API - CreateProcess T1106-2 WinPwn - Get SYSTEM shell - Pop System Shell using CreateProcess technique T1106-3 WinPwn - Get SYSTEM shell - Bind System Shell using CreateProcess technique T1106-4 WinPwn - Get SYSTEM shell - Pop System Shell using NamedPipe Impersonation technique T1106-5 Run Shellcode via Syscall in Go
What did you expect to happen?
T1106 Native API should be marked as "available"/“red field” in the Attack Navigator Layer for Windows Template.
What happened instead?
T1106 Native API is marked as "white field" in the Attack Navigator Layer for Windows Template. The template falsely gives the impression, that no atomics exists for this technique.
Your Environment
Windows Server 2022 AD-DC
The text was updated successfully, but these errors were encountered:
Invoke-AtomicTest T1106 -ShowDetailsBrief
What did you expect to happen?
T1106 Native API should be marked as "available"/“red field” in the Attack Navigator Layer for Windows Template.
What happened instead?
T1106 Native API is marked as "white field" in the Attack Navigator Layer for Windows Template. The template falsely gives the impression, that no atomics exists for this technique.
Your Environment
Windows Server 2022 AD-DC
The text was updated successfully, but these errors were encountered: