Matt Hand

icon indicating a website link https://medium.com/@matterpreter

icon company @preludeorg icon location USA icon location Aut viam inveniam aut faciam

Results 8 issues of Matt Hand

Add file splitting to EncryptedZip

2 comment

It would be nice to be able to create archives

enhancement

Implement a cleanup function for MockDirUACBypass

1 comment

When a user deletes the mock directory `C:\Windows \System32\`, Windows will attempt to delete the real System32. Need to implement a cleanup function to do this as an argument. This...

enhancement

Add PuTTY session identification to SessionSearcher

I believe this is possible through the registry, but this would be valuable to potentially match discovered PPK files and where they might go.

enhancement

Add support for Windows 7+ to GPSCoordinates

The registry key it checks for is only present on Windows 10, so since it doesn't exist in Win7, it will error out and not run.

enhancement

WCF server method reported as deserialization gadget

See below: ``` PS > .\InspectAssembly.exe path=".\server.exe" Assembly Name: C:\foo\server.exe WCFServer Gadgets: CommunicationObject::Open() is called in the following methods: Service.OnStart Serialization Gadgets: CommunicationObject::Open() is called in the following methods: PS...

bug
good first issue

Add execution path keying

Useful for ClickOnce apps

enhancement

Add parent process keying

Probably most relevant for C#

enhancement

Add technique name to subtechniques

In the data, the `name` field in the `T1205.002` technique is "Socket Filters" but on the primary site, it is "Traffic Signaling: Socket Filters". I would really like to have...