Home Explore Help
Sign In
zhensolid
/
Home-Grown-Red-Team
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Update README.md

assume-breach 3 years ago
parent
f8367d9c25
commit
6d4b0e01d4
1 changed files with 1 additions and 1 deletions
Split View Show Diff Stats
  1. 1 1
      InsideMan/README.md

+ 1 - 1
InsideMan/README.md
View File 

@@ -1,4 +1,4 @@
 
-InsideMan is an internal Windows phishing executable that utilizes Powershell Get-Credential calls in an attempt to coerce the user into typing thier plaintext password into the prompt. The plaintext password is then written to a file named windows32.txt located in the user's Documents directory. 
+Inspired by the "A Theif" method from the Sektor7 Windows Privilege Escallation Course, InsideMan is an internal Windows phishing executable that utilizes Powershell Get-Credential calls in an attempt to coerce the user into typing thier plaintext password into the prompt. The plaintext password is then written to a file named windows32.txt located in the user's Documents directory. 
 
 This is not a sophisticated attack. Might set off an alarm or two with advanced EDR looking for abnormal powershell calls.