I would like to have an agent remove exploits/evidence after losing contact with the server (once the Watchdog value is exceeded). Is there currently a mechanism to do this?
Example:
Blue team notices something is off
Blue team disconnects target from the network
Agent counters by wiping evidence/ doing some anti-forensics.
Enhancement Suggestion:
Implement a "Dead Man's Ability" that an Agent executes just prior to termination (similar idea to Bootstrap Abilities).
I would like to have an agent remove exploits/evidence after losing contact with the server (once the Watchdog value is exceeded). Is there currently a mechanism to do this?
Example:
Enhancement Suggestion: Implement a "Dead Man's Ability" that an Agent executes just prior to termination (similar idea to Bootstrap Abilities).