mthcht
mthcht
- [x] add in each script: ``` Start-Transcript -OutputDirectory $env:tmp\Logfile -UseMinimalHeader #... Stop-Transcript ```
quick work in progress, note to remember: - [x] https://github.com/mthcht/Purpleteam/blob/main/Simulation/Windows/System/delete_mru_history.ps1 - [ ] https://github.com/mthcht/Purpleteam/blob/main/Simulation/Windows/System/clear_remote_access_softwares.ps1 - [ ] https://github.com/mthcht/Purpleteam/blob/main/Simulation/Windows/System/clear_userassist_traces.ps1 - [ ] https://github.com/mthcht/Purpleteam/blob/main/Simulation/Windows/System/install_powershell_v2.ps1 - [ ] https://github.com/mthcht/Purpleteam/blob/main/Simulation/Windows/System/lolbin.ps1 - [ ] https://github.com/mthcht/Purpleteam/blob/main/Simulation/Windows/System/kill_splunk_and%20_block_9997_flow.ps1
normalization: `Start-Transcript -Path "$env:tmp\simulation_traces.log" -Append -Force -Verbose` `Stop-Transcript -Verbose` `$ProgressPreference = 'SilentlyContinue'` `Invoke-WebRequest * -UseBasicParsing -Verbose -UserAgent purpleteam` `[Error]` (Red) `[Info]` (Cyan) `[Warning]` (Yellow) `[Sucess]` (Green) in catch: Write-Host -ForegroundColor...
- [ ] compile, test https://github.com/mthcht/Detection-Validation and create powershell script to automate this in windows scripts
- [ ] create a powershell script to download, execute use /_bin/dnsmorph.exe to automatically make a list of phishing domains for a given domain and request inactive ones just to...