References

Type
Url
Description

technique

https://www.welivesecurity.com/2019/05/29/turla-powershell-usage/

Faou, M. and Dumont R.. (2019, May 29). A dive into Turla PowerShell usage. Retrieved June 14, 2019.


technique

http://www.malwarearchaeology.com/s/Windows-PowerShell-Logging-Cheat-Sheet-ver-June-2016-v2.pdf

Malware Archaeology. (2016, June). WINDOWS POWERSHELL LOGGING CHEAT SHEET - Win 7/Win 2008 or later. Retrieved June 24, 2016.


technique

https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_profiles?vi

Microsoft. (2017, November 29). About Profiles. Retrieved June 14, 2019.


technique

https://witsendandshady.blogspot.com/2019/06/lab-notes-persistence-and-privilege.html

DeRyke, A.. (2019, June 7). Lab Notes: Persistence and Privilege Elevation using the Powershell Profile. Retrieved July 8, 2019.


technique

https://attack.mitre.org/techniques/T1546/013


technique

https://developer.apple.com/library/archive/documentation/LanguagesUtilities/Conceptual/MacAutomatio

Apple. (2016, June 13). About Mac Scripting. Retrieved April 14, 2021.


technique

https://docs.microsoft.com/windows/win32/com/translating-to-jscript

Microsoft. (2018, May 31). Translating to JScript. Retrieved June 23, 2020.


technique

https://www.mdsec.co.uk/2021/01/macos-post-exploitation-shenanigans-with-vscode-extensions/

Dominic Chell. (2021, January 1). macOS Post-Exploitation Shenanigans with VSCode Extensions. Retrieved April 20, 2021.


technique

https://docs.microsoft.com/archive/blogs/gauravseth/the-world-of-jscript-javascript-ecmascript

Microsoft. (2007, August 15). The World of JScript, JavaScript, ECMAScript …. Retrieved June 23, 2020.


technique

https://docs.microsoft.com/scripting/winscript/windows-script-interfaces

Microsoft. (2017, January 18). Windows Script Interfaces. Retrieved June 23, 2020.