technique
https://www.welivesecurity.com/2019/05/29/turla-powershell-usage/
Faou, M. and Dumont R.. (2019, May 29). A dive into Turla PowerShell usage. Retrieved June 14, 2019.
technique
http://www.malwarearchaeology.com/s/Windows-PowerShell-Logging-Cheat-Sheet-ver-June-2016-v2.pdf
Malware Archaeology. (2016, June). WINDOWS POWERSHELL LOGGING CHEAT SHEET - Win 7/Win 2008 or later. Retrieved June 24, 2016.
technique
https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_profiles?vi
Microsoft. (2017, November 29). About Profiles. Retrieved June 14, 2019.
technique
https://witsendandshady.blogspot.com/2019/06/lab-notes-persistence-and-privilege.html
DeRyke, A.. (2019, June 7). Lab Notes: Persistence and Privilege Elevation using the Powershell Profile. Retrieved July 8, 2019.
technique
https://attack.mitre.org/techniques/T1546/013
technique
https://developer.apple.com/library/archive/documentation/LanguagesUtilities/Conceptual/MacAutomatio
Apple. (2016, June 13). About Mac Scripting. Retrieved April 14, 2021.
technique
https://docs.microsoft.com/windows/win32/com/translating-to-jscript
Microsoft. (2018, May 31). Translating to JScript. Retrieved June 23, 2020.
technique
https://www.mdsec.co.uk/2021/01/macos-post-exploitation-shenanigans-with-vscode-extensions/
Dominic Chell. (2021, January 1). macOS Post-Exploitation Shenanigans with VSCode Extensions. Retrieved April 20, 2021.
technique
https://docs.microsoft.com/archive/blogs/gauravseth/the-world-of-jscript-javascript-ecmascript
Microsoft. (2007, August 15). The World of JScript, JavaScript, ECMAScript …. Retrieved June 23, 2020.
technique
https://docs.microsoft.com/scripting/winscript/windows-script-interfaces
Microsoft. (2017, January 18). Windows Script Interfaces. Retrieved June 23, 2020.