Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Importing apt29.ps1 #32

Open
DillonSingh opened this issue Sep 2, 2022 · 3 comments
Open

Importing apt29.ps1 #32

DillonSingh opened this issue Sep 2, 2022 · 3 comments

Comments

@DillonSingh
Copy link

I am experiencing this error when I try importing apt29.ps1. What do I do? I've already set the execution policy to bypass

image

image

Any help?
@gfoss
Copy link
Contributor

gfoss commented Sep 2, 2022
edited
Loading

Try setting your execution policy to unrestricted. The mimikatz function is likely getting picked up by defender now, so you may need to remove that portion from the code for the module to import properly. It's been a while since I've looked at this project, so it may take some tweaking to get to work.

@DillonSingh
Copy link
Author

I set it to unrestricted and have been debugging it for a while now. Antivirus detected the below and I've allowed it, but still haven't been successful in running the script

image

@treblestack
Copy link

@DillonSingh,

I had a same issue - problem is that you downloaded file with htmp tags which is not needed.
Please create new .ps1 file and take code from here:
https://raw.githubusercontent.com/carbonblack/tau-tools/master/threat_emulation/Invoke-APT29/apt29.ps1
And use that file during the test.

Hope this will help you as it helped to me. :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@gfoss @DillonSingh @treblestack