threatinteltest
/ ocr-shot.sh
Created Mar 19, 2018
— forked from pnc/ocr-shot.sh
View ocr-shot.sh
| #!/bin/bash | |
| set -e | |
| CONTENTS=$(tesseract -c language_model_penalty_non_dict_word=0.8 --tessdata-dir /usr/local/share/ "$1" stdout -l eng | xml esc) | |
| hex=$((cat <<EOF | |
| <?xml version="1.0" encoding="UTF-8"?> | |
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
| <plist version="1.0"> |
threatinteltest
/ Whitelisting.txt
Created Nov 20, 2017
MITRE ATT&CK Mapped Against Whitelisting Defense
View Whitelisting.txt
| T1103 - AppInitDlls | |
| T1017 - Application Deployment Software | |
| T1131 - Authentication Package | |
| T1009 - Binary Padding | |
| T1042 - Change Default Association | |
| T1116 - Code Signing | |
| T1122 - Component Object Model Hijacking | |
| T1003 - Credential Access | |
| T1055 - DLL Injection | |
| T1038 - DLL Search Order Hijacking |