ModTask – Task Scheduler Attack Tool

ModTask is an advanced C# tool designed for red teaming operations, focusing on manipulating scheduled tasks to facilitate both lateral movement and persistence in target networks.

This tool allows users to list, analyze, and modify scheduled tasks on both local and remote systems.

It supports a variety of trigger modifications and includes built-in features for cleaning up after operations to restore original task settings.

ModTask is a crucial asset for cybersecurity professionals, requiring administrative access to effectively manage scheduled tasks across environments.

ModTask is a C# Red Teaming Attack Tool that can be utilized for:

Listing Scheduled Tasks along with their SDDL strings and key information, locally and remotely.
Selecting a specific Scheduled Task for a detailed overview of its configuration settings.
Modifying a Scheduled Task, locally and remotely. Utilizing either an Exe file path and arguments or a COM object Class ID for execution. Useful for lateral movement and persistence scenarios.
Supports mutiple trigger modifications such as Startup Boot Triggers and Daily Triggers with Repetition Patterns.
Built in cleanup functionality to revert the task to its orginal state before any modifications had taken place.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.