Explore >> Select a destination
|
You are here 
|
pentestarmoury.com | ||
| | | | |
forensicitguy.github.io
|
|
| | | | | In this post I want to take a look at a PowerShell-based Cobalt Strike beacon that appeared on MalwareBazaar. This particular beacon is representative of most PowerShell Cobalt Strike activity I see in the wild during my day job. The beacons often show up as service persistence during incidents or during other post-exploitation activity. If you want to follow along at home, the sample I'm using is here: | |
| | | | |
www.darkoperator.com
|
|
| | | | | [AI summary] The provided text discusses various methods to secure PowerShell environments against potential threats, focusing on monitoring, logging, and policy enforcement. It outlines the use of Group Policy to enable module logging, which helps track PowerShell cmdlet activities. The text also covers the use of Software Restriction Policies (SRP) and AppLocker for controlling application execution. Additionally, it mentions the PowerShell v3 feature __PSLockdownPolicy as a tool for restricting PowerShell functionalities. The author emphasizes the importance of planning and testing these security measures in a controlled environment to ensure effectiveness. | |
| | | | |
taeluralexis.com
|
|
| | | | | We'll target a network comprising 3 machines, leveraging CVE exploits, pivoting, code obfuscation techniques, and AV bypass strategies. | |
| | | | |
peoplingthepast.com
|
|
| | | In this week's episode of the podcast, we sit down with Dr. Mathura Umachandran to discuss past harms and potential futures for the fields of Classics and Ancient Mediterranean Studies. | ||
