https://www.safebreach.com/SafeBreach-Labs-Presenting-New-Hacking-Techniques-and-Adversary-Simulation
https://docs.microsoft.com/pt-br/microsoft-365/security/office-365-security/attack-simulator?view=o365-worldwide
-
Initial Access
- Exploit MS-17-010
- Spear-Phishing
-
Execution
- Powershell Scripts
- Windows Command Shell
-
Privilege Escalation
- Windows-Exploit-Suggester
- PowerUP
- EOP Exploitation
- WSL Exploitation
- Exploit MS-10-015
- Exploit MS-16-032
- Exploit MS-19-1388
-
Defense Evasion
-
AV Bypass with Metasploit and Custom Binaries
-
Hooked Syscall
-
.NET Reflection
-
Full DLL Unhooking
-
Obfuscated Powershell Script
-
-
Credential Access
- Mimikatz
- Mimidogz
- LLMNR Poisoning
- Pass-the-Hash
- NTLM Brute Force
-
Discovery
- Sniffing
- NLBrute
- LLMNR Poisoning
- Detect Sysmon Process
- COM Enumerate
-
Lateral Movement
- RDP Hijacking
- DCOM Lateral Movement
- WMI Lateral Movement
- WinRM
- WinRS
- Psexec
-
Command and Control
-
Trevorfuscation
-
Covenant and Powershell Empire
-
-
Impact
-
Data Encrypted
-
Ransomware
-
-
Data Exilftration
-
Resource Hijacking
-
https://www.mcafee.com/enterprise/en-us/security-awareness/cybersecurity/what-is-mitre-attack-framework.html
XMind - Evaluation Version