Hacking Tools

ModTask – Task Scheduler Attack Tool

ModTask is an advanced C# tool designed for red teaming operations, focusing on manipulating scheduled tasks to facilitate both lateral movement and persistence in target networks.

This tool allows users to list, analyze, and modify scheduled tasks on both local and remote systems.

It supports a variety of trigger modifications and includes built-in features for cleaning up after operations to restore original task settings.

ModTask is a crucial asset for cybersecurity professionals, requiring administrative access to effectively manage scheduled tasks across environments.

ModTask is a C# Red Teaming Attack Tool that can be utilized for:

  • Listing Scheduled Tasks along with their SDDL strings and key information, locally and remotely.
  • Selecting a specific Scheduled Task for a detailed overview of its configuration settings.
  • Modifying a Scheduled Task, locally and remotely. Utilizing either an Exe file path and arguments or a COM object Class ID for execution. Useful for lateral movement and persistence scenarios.
  • Supports mutiple trigger modifications such as Startup Boot Triggers and Daily Triggers with Repetition Patterns.
  • Built in cleanup functionality to revert the task to its orginal state before any modifications had taken place.
Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Recent Posts

ROADTools: The Modern Azure AD Exploration Framework

ROADTools is a powerful framework designed for exploring and interacting with Microsoft Azure Active Directory…

1 day ago

How to Enumerate Microsoft 365 Groups Using PowerShell and Python

Microsoft 365 Groups (also known as M365 Groups or Unified Groups) are at the heart…

1 day ago

SeamlessPass: Using Kerberos Tickets to Access Microsoft 365

SeamlessPass is a specialized tool designed to leverage on-premises Active Directory Kerberos tickets to obtain…

2 days ago

PPLBlade: Advanced Memory Dumping and Obfuscation Tool

PPLBlade is a powerful Protected Process Dumper designed to capture memory from target processes, hide…

2 days ago

HikPwn : Simple Scanner For Hikvision Devices With Basic Vulnerability Scanning

HikPwn: Comprehensive Guide to Scanning Hikvision Devices for Vulnerabilities If you’re searching for an efficient…

3 days ago

Comments in Bash Scripts

What Are Bash Comments? Comments in Bash scripts, are notes in your code that the…

1 week ago