File tree Expand file tree Collapse file tree 1 file changed +27
-0
lines changed
Expand file tree Collapse file tree 1 file changed +27
-0
lines changed Original file line number Diff line number Diff line change 1+ ---
2+ Name : Ntsd.exe
3+ Description : Symbolic Debugger for Windows.
4+ Author : Avihay Eldad
5+ Created : 2025-07-16
6+ Commands :
7+ - Command : ntsd.exe -g {CMD}
8+ Description : Launches command through the debugging process; optionally add `-G` to exit the debugger automatically.
9+ Usecase : Executes an executable under a trusted microsoft signed binary.
10+ Category : Execute
11+ Privileges : User
12+ MitreID : T1127
13+ OperatingSystem : Windows
14+ Tags :
15+ - Execute : CMD
16+ Full_Path :
17+ - Path : C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\ntsd.exe
18+ - Path : C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\ntsd.exe
19+ - Path : C:\Program Files (x86)\Windows Kits\10\Debuggers\arm\ntsd.exe
20+ - Path : C:\Program Files (x86)\Windows Kits\10\Debuggers\arm64\ntsd.exe
21+ Resources :
22+ - Link : https://learn.microsoft.com/en-us/windows-hardware/drivers/debugger/cdb-command-line-options
23+ - Link : https://strontic.github.io/xcyclopedia/library/ntsd.exe-629EA12D527237B9CD945AC44C2DE80D.html
24+ Acknowledgement :
25+ - Person : Avihay Eldad
26+ Handle : ' @AvihayEldad'
27+ ---
You can’t perform that action at this time.
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4&size=40){kind=avatar}
0 commit comments