Lucene search
K

9 matches found

Metasploit
Metasploit
added 2026/01/14 6:54 p.m.421 views

WMI Event Subscription Logon Timer Persistence

This module will create a permanent WMI event subscription to achieve file-less persistence using an event filter that will trigger the payload after the system has a certain uptime. Payloads will trigger every minute until the set end time. Additionally a custom command can be specified to run...

5.8AI score
Exploits0
Metasploit
Metasploit
added 2026/01/14 6:54 p.m.415 views

WMI Event Subscription Interval Persistence

This module will create a permanent WMI event subscription to achieve file-less persistence using an event filter that triggers the payload after the specified CALLBACKINTERVAL. If the persistence is not installed, it will keep triggering payloads to spawn. Additionally a custom command can be...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/14 12:0 a.m.8 views

WMI Event Subscription Event Log Persistence

This Metasploit module will create a permanent WMI event subscription to achieve file-less persistence using an event filter that will query the event log for an EVENTIDTRIGGER default: failed logon request id 4625 that also contains a specified USERNAMETRIGGER note: failed logon auditing must be...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/14 12:0 a.m.5 views

WMI Event Subscription Process Persistence

This Metasploit module will create a permanent WMI event subscription to achieve file-less persistence using an event filter that triggers the payload when the specified process is started. Additionally a custom command can be specified to run once the trigger is activated using the advanced opti...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/14 12:0 a.m.8 views

WMI Event Subscription Interval Persistence

This Metasploit module will create a permanent WMI event subscription to achieve file-less persistence using an event filter that triggers the payload after the specified CALLBACKINTERVAL. If the persistence is not installed, it will keep triggering payloads to spawn. Additionally a custom comman...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2022/05/18 10:18 a.m.56 views

Hackers Gain Fileless Persistence on Targeted SQL Servers Using a Built-in Utility

Microsoft on Tuesday warned that it recently spotted a malicious campaign targeting SQL Servers that leverages a built-in PowerShell binary to achieve persistence on compromised systems. The intrusions, which leverage brute-force attacks as an initial compromise vector, stand out for their use of...

0.7AI score
Exploits0
Talos Blog
Talos Blog
added 2019/06/07 12:0 p.m.173 views

Threat Roundup for May 31 to June 7

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 31 and June 07. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

7.8AI score
Exploits0
Talos Blog
Talos Blog
added 2019/05/07 8:47 a.m.150 views

Threat Roundup for April 26 to May 3

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 26 and May 03. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

7.2AI score
Exploits0
Talos Blog
Talos Blog
added 2019/03/22 11:27 a.m.55 views

Threat Roundup for March 15 to March 22

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 15 and March 22. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

0.5AI score
Exploits0
Rows per page
Query Builder