We trust in security



Category: MITRE ATT&CK

Execution - PowerShell (T1086)

Introduction: This is the second post about the MITRE ATT&CK Enterprise Matrix, and it covers execution techniques that use PowerShell. PowerShell is a command-line interface (CLI) with command and scripting capabilities. Its main audience is system administrators, who use it to automate tasks and control them. It requires .NET Framework 2.0 as a minimum; it was introduced with Windows Vista and included in Windows 7, 8 and 10, but it is not installed by default. Windows 2008 Server R1 includes it in its default installation, and it can be installed on Mac and Linux.

Initial Access - Drive-by Compromise (T1189)

Introduction: This post is the first in a series that will provide a better understanding of the techniques adversaries use to reach their tactical objectives. We will use the MITRE ATT&CK Enterprise Matrix as our framework. Our idea is to explain in every post a technique from each tactic (Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Command and Control, Exfiltration and Impact).