You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
When playing with my machines, I have realize that Windows Defender:<br>
When playing with my machines, I have realized that Windows Defender:<br>
1. does not scan \*.MSI cab files in the realtime<br>
2. excludes files dropped by msiexec.exe from realtime scan<br>
Should I tell you more? If you pack your malware into MSI, you can install it without any detection. The sample provided drops mimikatz into "C:\Program Files\Mimikatz".<br>
Additionally the WiX script was provided if you want to play with your own payload.<br>
Additionally, the WiX script was provided if you want to play with your own payload.<br>
Note: The MSI file is NOT signed by design. Play with your own code signing certificate and `Set-AuthenticodeSignature -FilePath mimi.msi -Certificate ...` <br>
