/explore

Click through on any links that interest you or select the planets on the right to continue exploring the Outer Web.
You are here

adsecurity.org
| | forensicitguy.github.io
3.4 parsecs away

Travel
| | In this post I want to take a look at a PowerShell-based Cobalt Strike beacon that appeared on MalwareBazaar. This particular beacon is representative of most PowerShell Cobalt Strike activity I see in the wild during my day job. The beacons often show up as service persistence during incidents or during other post-exploitation activity. If you want to follow along at home, the sample I'm using is here:
| | 0xcybery.github.io
4.6 parsecs away

Travel
| | Bypass Windows Defender in Windows 11.
| | www.syspanda.com
4.5 parsecs away

Travel
| | I wanted to write about the importance of checking for new services as this is an avenue in which attackers leverage their persistence methods. While looking at newly created services... [Continue Reading]
| | artsploit.blogspot.com
20.2 parsecs away

Travel
| In December 2015, I found a critical vulnerability in one of PayPal business websites ( manager.paypal.com ). It allowed me to exe...