More security testing options with sec-test

I’ve added three more security testing options to my free script here:

https://github.com/directorcia/Office365/blob/master/sec-test.ps1

The Word document Backdoor drop will download and open a Word document containing a macro that will itself download an EXE file to the desktop.

The PowerShell script fileless attack, if successful, will open Notepad.exe on the device.

The Dump credentials using SQLDumper.exe test will download the SQL utility SQLDumper.exe and use it to try to dump the credentials from the system LSASS.EXE process.

All the tests are benign and are designed, firstly, to test your environment against common breach techniques and, secondly, to generate alerts in your environment to ensure your protection is correctly configured.
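One way to confirm that the tests generated alerts on the device itself, as an added example that is not part of sec-test.ps1. It assumes Microsoft Defender Antivirus is the active endpoint protection; the function name `Get-DefenderEventsSince` is hypothetical.

```powershell
# Added example (not from sec-test.ps1): list Microsoft Defender events logged
# since a test run began, so each test can be matched to an alert.
# Assumption: Microsoft Defender Antivirus is the endpoint protection in use.
function Get-DefenderEventsSince {
    param(
        [Parameter(Mandatory)] [datetime] $StartTime
    )
    # Event IDs in the Defender operational log:
    #   1116 = malware detected          1117 = action taken on malware
    #   1121 = ASR rule blocked action   1122 = ASR rule fired in audit mode
    $filter = @{
        LogName   = 'Microsoft-Windows-Windows Defender/Operational'
        Id        = 1116, 1117, 1121, 1122
        StartTime = $StartTime
    }
    # Get-WinEvent raises an error when nothing matches; suppress it so an
    # empty result simply means "no alerts were logged".
    $events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)
    $events | Sort-Object TimeCreated | ForEach-Object {
        [pscustomobject]@{
            Time    = $_.TimeCreated
            Id      = $_.Id
            # First line of the rendered message is enough for a summary
            Summary = ("$($_.Message)" -split "`r?`n")[0]
        }
    }
}

# Usage: note the time, run the tests, then look for what was logged.
$start = Get-Date
# ... run sec-test.ps1 and choose the tests here ...
$found = @(Get-DefenderEventsSince -StartTime $start)
if ($found.Count -eq 0) {
    Write-Warning 'No Defender detection or ASR events were logged since the tests started.'
} else {
    $found | Format-Table -AutoSize -Wrap
}
```

Run it from an elevated PowerShell session on the device where the tests were executed; a test that succeeds without a matching event points to a gap in protection or logging.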

It is getting hard for me to determine all the outcomes of these tests, so I’d love to hear any feedback you have on your own results so I can improve the script. Also, if you have any suggestions for what tests you’d like to see included please let me know.
