You are here: blog.flanker017.me

forensicitguy.github.io
In this post I want to take a look at a PowerShell-based Cobalt Strike beacon that appeared on MalwareBazaar. This particular beacon is representative of most PowerShell Cobalt Strike activity I see in the wild during my day job. The beacons often show up as service persistence during incidents or during other post-exploitation activity. If you want to follow along at home, the sample I'm using is here:

andrewroderos.com
In this blog post, you will learn how to escalate from a command shell to a Meterpreter shell using PowerShell Empire and Metasploit.

taeluralexis.com
We'll target a network comprising 3 machines, leveraging CVE exploits, pivoting, code obfuscation techniques, and AV bypass strategies.

lobsterpot.com.au
I don't like to write about client situations, but this one seemed worth mentioning for the sake of other people experiencing the same thing, so I asked my client for permission and they agreed. Following an on-prem server reboot, anything that tried to connect to SQL Server on that server, using Windows Authentication, was getting [...]