Attack Tool(s): Metasploit, Impacket, Havok, Mythic
- Metasploit: https://www.metasploit.com
- Impacket: https://github.com/SecureAuthCorp/impacket
- Havok: https://github.com/HavocFramework/Havoc
- Mythic: https://github.com/its-a-feature/Mythic
Detection Link(s):
- Endpoint Security Protection Analysis
- Endpoint Security
Helpful Blogs (BHIS):
- “Backdoors & Breaches: Logon Scripts” – https://www.blackhillsinfosec.com/backdoors-breaches-logon-scripts – Logon script persistence.
