Closed ar0dd closed 1 month ago
@ar0dd Can you please add this to the matrix and technique list file as well?
Oops. Missed that. Yes, Will do! @subat0mik
I'll ping you once complete.
Tables are wicked on Markdown. Looks correct though. Let me know 👍 @subat0mik
This PR introduces are new "CRED" primitive.
Looting SCCM Distribution Points (DP) can be a fruitful endeavor for internal attackers.
SCCM DP looting via SMB and HTTP (newer method) are both documented. Existing tools are also documented.