3 matches found
Mature Your Threat Hunting by Testing Your Visibility
Threat hunting starts with a hypothesis. Without a hypothesis, you’re just combing through log files - and that isn’t threat hunting. Once you have a hypothesis, you can begin your search, but you won’t always find a hacker. Testing, like the open source tests available from Red Canary’s Atomic R...
Enigma Fileless UAC Bypass Exploit
This Metasploit module is an implementation of fileless UAC bypass using cmd.exe instead of powershell.exe OJ msf module. This module will create the required registry entry in the current user's hive, set the default value to whatever you pass via the EXECCOMMAND parameter, and run eventvwr.exe...
Microsoft Windows - Fileless UAC Protection Bypass Privilege Escalation (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Windows Escalate UAC Protection Bypass with Fileless', 'Description' = %q This module will bypass Windows UAC by utilizing...