cqrenet/elysium
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Typo fix

Browse Source
This commit is contained in:
Tomas Kracmar
2024-04-12 20:42:07 +02:00
parent 075125af41
commit 2a34a5ca52
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@@ -35,6 +35,7 @@ Run script Elysium.ps1 as an administrator and choose option 4 (Uninstall).
The script will then delete everything and remove the passphrase variable. The script will then delete everything and remove the passphrase variable.
--- ---
## FAQ ## FAQ
### What happens to the hashes we uploaded? ### What happens to the hashes we uploaded?
These hashes are subjected to cracking. Any cracked hash is then added to KHDB. Hash cracking happens on dedicated air-gapped machine and all sensitive material is never decrypted outside this machine. Secure exchange of decryption keys is arranged beforehand with every client. These hashes are subjected to cracking. Any cracked hash is then added to KHDB. Hash cracking happens on dedicated air-gapped machine and all sensitive material is never decrypted outside this machine. Secure exchange of decryption keys is arranged beforehand with every client.
### Do we need to upload the hashes? ### Do we need to upload the hashes?
@@ -61,4 +62,4 @@ They are paired online while running the script. KHDB does not contain usernames
### Would our EDR solution interfere with this tool? ### Would our EDR solution interfere with this tool?
It should! If you have EDR installed on the host machine, this tool should be exceptioned. It should! If you have EDR installed on the host machine, this tool should be exceptioned.
### Would our monitoring tool detect this activity? ### Would our monitoring tool detect this activity?
It should, as it is extremely sensitive operation that should never happen outside of this (or similar) procedure. Running this tool should be cleared with your SOC beforehand (or used as a test case). It should, as it is extremely sensitive operation that should never happen outside of this (or similar) procedure. Running this tool should be cleared with your SOC beforehand (or used as a test case).