Lucene search
K

6 matches found

Talos Blog
Talos Blog
added 2022/08/30 12:0 p.m.33 views

ModernLoader delivers multiple stealers, cryptominers and RATs

By Vanja Svajcer Cisco Talos recently observed three separate, but related, campaigns between March and June 2022 delivering a variety of threats, including the ModernLoader bot, RedLine information-stealer and cryptocurrency-mining malware to victims. The actors use PowerShell, .NET assemblies,...

0.5AI score
Exploits0
Kitploit
Kitploit
added 2022/01/17 11:30 a.m.25 views

Inject-Assembly - Inject .NET Assemblies Into An Existing Process

This tool is an alternative to traditional fork and run execution for Cobalt Strike. The loader can be injected into any process, including the current Beacon. Long-running assemblies will continue to run and send output back to the Beacon, similar to the behavior of execute-assembly. There are t...

8AI score
Exploits0References8
Kitploit
Kitploit
added 2021/02/06 8:30 p.m.171 views

ExecuteAssembly - Load/Inject .NET Assemblies

ExecuteAssembly is an alternative of CS execute-assembly, built with C/C++ and it can be used to Load/Inject .NET assemblies by; reusing the host spawnto process loaded CLR Modules/AppDomainManager, Stomping Loader/.NET assembly PE DOS headers, Unlinking .NET related modules, bypassing ETW+AMSI,...

7AI score
Exploits0References8
Kitploit
Kitploit
added 2019/11/07 8:43 p.m.147 views

Donut - Generates X86, X64, Or AMD64+x86 Position-Independent Shellcode That Loads .NET Assemblies, PE Files, And Other Windows Payloads From Memory

Donut generates x86 or x64 shellcode from VBScript, JScript, EXE, DLL including .NET Assemblies files. This shellcode can be injected into an arbitrary Windows processes for in-memory execution. Given a supported file type, parameters and an entry point where applicable such as Program.Main, it...

8AI score
Exploits0References6
Kitploit
Kitploit
added 2018/10/16 9:4 p.m.60 views

RemoteRecon - Remote Recon And Collection

RemoteRecon provides the ability to execute post-exploitation capabilities against a remote host, without having to expose your complete toolkit/agent. Often times as operator's we need to compromise a host, just so we can keylog or screenshot or some other miniscule task against a person/host of...

7.6AI score
Exploits0References4
FireEye
FireEye
added 2018/06/18 11:45 a.m.555 views

Bring Your Own Land (BYOL) – A Novel Red Teaming Technique

Introduction One of most significant recent developments in sophisticated offensive operations is the use of “Living off the Land” LotL techniques by attackers. These techniques leverage legitimate tools present on the system, such as the PowerShell scripting language, in order to execute attacks...

1.6AI score
Exploits0
Rows per page
Query Builder