Typo fix
This commit is contained in:
@@ -35,6 +35,7 @@ Run script Elysium.ps1 as an administrator and choose option 4 (Uninstall).
|
||||
The script will then delete everything and remove the passphrase variable.
|
||||
---
|
||||
## FAQ
|
||||
|
||||
### What happens to the hashes we uploaded?
|
||||
These hashes are subjected to cracking. Any cracked hash is then added to KHDB. Hash cracking happens on dedicated air-gapped machine and all sensitive material is never decrypted outside this machine. Secure exchange of decryption keys is arranged beforehand with every client.
|
||||
### Do we need to upload the hashes?
|
||||
@@ -61,4 +62,4 @@ They are paired online while running the script. KHDB does not contain usernames
|
||||
### Would our EDR solution interfere with this tool?
|
||||
It should! If you have EDR installed on the host machine, this tool should be exceptioned.
|
||||
### Would our monitoring tool detect this activity?
|
||||
It should, as it is extremely sensitive operation that should never happen outside of this (or similar) procedure. Running this tool should be cleared with your SOC beforehand (or used as a test case).
|
||||
It should, as it is extremely sensitive operation that should never happen outside of this (or similar) procedure. Running this tool should be cleared with your SOC beforehand (or used as a test case).
|
||||
|
Reference in New Issue
Block a user