Y4er posted at Dec 31, 2020
[Translation] CobaltStrike: Direct Syscalls using Beacon Object Files (BOF)
Original link: https://outflank.nl/blog/2020/12/26/direct-syscalls-in-beacon-object-files/
Original author: Cornelis de...
- 0
itoumke posted at Jul 27, 2020
The story of the ransomware (WastedLocker) that targeted Garmin
The key attack technique elements are SocGholish and CobaltStrike. SocGholish: a JavaScript-based framework; the system or ...
- 0
odorusatoshi posted at Aug 04, 2020
Sysmon log utilization handbook (information summary)
Check the ... (TargetFilename)
Event Codes 17 and 18: Pipe creation and connection
CobaltStrike ...
- 5
Y4er posted at Oct 05, 2020
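[Translation] Bypassing BitDefender total security by performing process injection with anti-API-hooking techniques
Our main goal is to perform process injection and obtain a cobaltstrike beacon while BitDefender is enabled on the endpoint.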
What is API Hooking?
- 0