Coalfire-Research / Slackor

A Golang implant that uses Slack as a command and control server
https://www.coalfire.com/The-Coalfire-Blog/June-2019/Introducing-Slackor
GNU General Public License v3.0

Commands that will generate noise #1

Closed: CdtDelta closed 5 years ago

CdtDelta commented 5 years ago

This isn't an issue but a question on usage. I'm looking to utilize this with a class in Forensics that I teach, so I want to generate some artifacts on my fake host with this system.

In the readme you have:

"Modules will warn you before performing tasks that write to disk. When executing shell commands, take note that cmd.exe will be executed. This may be monitored on the host."

Which modules will write to disk? Are you talking about downloading files with the wget command, running the keylogger, etc.?

I have everything set up and running, and I tested it on one of my Windows 10 machines, but now I need to get it set up for my fake host, so I'm looking for commands that will produce some type of artifact on the system running the agent.exe.

Side note, thank you for writing this, it was exactly what I was looking for with my class. Bonus that it uses Go and Python... although I had to tweak your install.sh file to run on my system (I already had Go set up).

n00py commented 5 years ago

If you want some good ones for forensics training I would say use the persistence modules. That will leave some good artifacts to find.
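
For the classroom use discussed in this thread, the following is an added example (not part of the original thread or of the Slackor project) that correlates two host artifacts the page mentions: a process that talks to Slack and the cmd.exe it spawns. It assumes Sysmon process-creation (Event ID 1) and DNS-query (Event ID 22) logging on the lab host; the events, GUIDs, paths other than agent.exe, and the allowlist are constructed for illustration.

```python
# Constructed Sysmon-style records for a lab host (not captured data).
# EventID 1 = process creation, EventID 22 = DNS query.
EVENTS = [
    {"EventID": 22, "ProcessGuid": "{A1}", "QueryName": "slack.com",
     "Image": r"C:\Users\student\AppData\Local\slack\slack.exe"},
    {"EventID": 1, "ProcessGuid": "{C3}", "ParentProcessGuid": "{B2}",
     "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": "cmd.exe /c whoami"},
    {"EventID": 22, "ProcessGuid": "{B2}", "QueryName": "slack.com",
     "Image": r"C:\Users\student\Downloads\agent.exe"},
    {"EventID": 1, "ProcessGuid": "{D4}", "ParentProcessGuid": "{A1}",
     "Image": r"C:\Windows\System32\cmd.exe", "CommandLine": "cmd.exe"},
    {"EventID": 1, "ProcessGuid": "{E5}", "ParentProcessGuid": "{F6}",
     "Image": r"C:\Windows\System32\cmd.exe", "CommandLine": "cmd.exe /c dir"},
]

# Assumption: the only binaries expected to resolve Slack on this host.
EXPECTED_SLACK_CLIENTS = {"slack.exe", "chrome.exe", "msedge.exe"}


def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()


def is_slack_domain(name):
    """True for slack.com and any of its subdomains."""
    name = name.rstrip(".").lower()
    return name == "slack.com" or name.endswith(".slack.com")


def find_suspects(events):
    """Return cmd.exe launches whose parent is an unexpected Slack client."""
    # Pass 1: processes outside the allowlist that resolved a Slack domain.
    talkers = {e["ProcessGuid"]: e["Image"] for e in events
               if e["EventID"] == 22 and is_slack_domain(e["QueryName"])
               and basename(e["Image"]) not in EXPECTED_SLACK_CLIENTS}
    # Pass 2: cmd.exe children of those processes, regardless of log order.
    return [{"parent_image": talkers[e["ParentProcessGuid"]],
             "child_guid": e["ProcessGuid"],
             "command_line": e["CommandLine"]}
            for e in events
            if e["EventID"] == 1 and basename(e["Image"]) == "cmd.exe"
            and e.get("ParentProcessGuid") in talkers]


if __name__ == "__main__":
    for finding in find_suspects(EVENTS):
        print(finding)
```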