# Koadic > Tipo: **tool** · S0250 · [MITRE ATT&CK](https://attack.mitre.org/software/S0250) ## Descrição [[s0250-koadic|Koadic]] é um framework de pós-exploração para Windows e ferramenta de teste de penetração disponível públicamente no GitHub. O [[s0250-koadic|Koadic]] oferece diversas opções para staging de payloads e criação de implants, e realiza a maioria de suas operações utilizando o Windows Script Host. **Plataformas:** Windows ## Técnicas Utilizadas - [[t1016-system-network-configuration-discovery|T1016 - System Network Configuration Discovery]] - [[t1082-system-information-discovery|T1082 - System Information Discovery]] - [[t1059-005-visual-basic|T1059.005 - Visual Basic]] - [[t1218-005-mshta|T1218.005 - Mshta]] - [[t1055-001-dynamic-link-library-injection|T1055.001 - Dynamic-link Library Injection]] - [[t1218-010-regsvr32|T1218.010 - Regsvr32]] - [[t1033-system-owneruser-discovery|T1033 - System Owner/User Discovery]] - [[t1564-003-hidden-window|T1564.003 - Hidden Window]] - [[t1003-002-security-account-manager|T1003.002 - Security Account Manager]] - [[t1105-ingress-tool-transfer|T1105 - Ingress Tool Transfer]] - [[t1071-001-web-protocols|T1071.001 - Web Protocols]] - [[t1047-windows-management-instrumentation|T1047 - Windows Management Instrumentation]] - [[t1059-001-powershell|T1059.001 - PowerShell]] - [[t1115-clipboard-data|T1115 - Clipboard Data]] - [[t1548-002-bypass-user-account-control|T1548.002 - Bypass User Account Control]] ## Grupos que Usam - [[g0007-apt28|APT28]] - [[g0140-lazyscripter|LazyScripter]] - [[g0121-sidewinder|Sidewinder]] - [[g0069-mango-sandstorm|MuddyWater]] ## Referências - [MITRE ATT&CK - S0250](https://attack.mitre.org/software/S0250)