6 ‐ Credential Access
CroodSolutions edited this page Aug 5, 2024 · 1 revision
At the moment, this area is somewhat hypothetical, although several of us are working on capabilities that could have significant implications. My instincts tell me credential access via these tools may be more evasive, but we do not yet have a proof of concept at the moment of this wiki entry.
The general idea is to port over existing credential access methods to AutoIt and AHK to see if they are more evasive (and, if so, to modify detection logic). It is my belief that at least some techniques will prove to be evasive, once ported over or reinvented.