🐚 GTFOBins πŸͺŸ LOLBAS πŸ’Ύ Compiled Binaries 🩸 BloodHound 🩸 bloodyAD πŸ“œ Certipy ☁️ Cloud ⚑ goexec πŸ€– HackTricks πŸ”Œ HardwareATT πŸ“¦ Impacket 🏰 InternalATT πŸ”€ Ligolo-ng 🐱 Mimikatz πŸ’£ msfvenom πŸ”§ NetExec πŸ€– OSAI πŸ’₯ PATT 🍳 Recipes 🎟️ Rubeus 🐍 Sliver
πŸͺŸ LOLBAS / Cipher.exe

Cipher.exe

File Encryption Utility

Tamper

Can be used to forensically erase a file.

cipher /w:{PATH_ABSOLUTE:folder}

Zero out a file — MITRE: T1485 — Privileges: User

Can be used to impair defences by e.g. encrypting a critical EDR solution file.

cipher.exe /e {PATH_ABSOLUTE}

Encrypt a file — MITRE: T1562 — Privileges: Admin