- It is not a normal and boring enumeration tool! The idea is to automate the MITRE TTP exploitationWINFLESHER v0.1.0.5
MITRE EXPLOITATION FRAMEWORK
Written by: Alessandro 'mindsflee' Salzano
https://github.com/mindsflee
It is released under GNU GENERAL PUBLIC LICENSE
that can be downloaded here:
https://github.com/mindsflee/WinFlesher/blob/main/LICENSE
Invoke-WinFlesher is a post exploitation framework for windows written in powershell.
It was created by adapting the exploitation techniques to MITRE and it was meant to be modular.
PS C:\> . .\Invoke-WinFlesher.ps1
PS C:\> WFL-check-T1574.009
[+] WARNING: this system is most likely vulnerable to Path Interception by Unquoted Path!
ProcessId : 0
Name : Vulnerable Service
DisplayName : Vuln Service
PathName : C:\Program Files\A Subfolder\B Subfolder\C Subfolder\Executable.exe
StartName : LocalSystem
StartMode : Auto
State : Stopped
+ Download the repository in zip format and import it on your victim machine
+ After unzipped it run on a powershell console: ". .\ Invoke-WinFlesher.ps1"
- WinFlesher was created to be scalable and implementable with more TTP and MITRE modules
- We are looking for collaborators!