#windows
5twenty9

06/11/2018, 3:48 PM
@thor I just read your post. Looks cool. I'm going to try rigging something up. Basic idea is to build out a set of virtual tables in an extension that map 1:1 to the persistence mechanisms captured in the ATT&CK matrix (https://attack.mitre.org/wiki/ATT&CK_Matrix) - appcert DLLs, appinit DLLs, etc.
1:54 PM
@dallendoug ^^