Sandman - NTP Based Backdoor For Red Team Engagements In Hardened Networks
Sandman is a backdoor meant to work on hardened networks during red team engagements. Sandman works as a stager and leverages NTP (a protocol used to sync time and date) to get and run arbitrary shellcode from a pre-defined server. Since NTP is a protocol that is overlooked by many defenders...
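For defenders, a minimal triage of client-side UDP/123 datagrams, as an added example that is not part of Sandman or of the original page. The page does not describe how Sandman shapes its packets, so this checks only destination and generic NTP header conformity; the allowlist, the length baseline, the `Datagram` record and the sample traffic are all assumptions constructed for illustration.

```python
from collections import namedtuple

# Assumed local baseline (not from the page): sanctioned internal time
# sources, and payload sizes for plain NTP (48-byte header, optional MAC).
ALLOWED_SERVERS = {"10.0.0.5", "10.0.0.6"}
BASELINE_LENGTHS = {48, 68, 72}  # header, header + MD5 MAC, header + SHA-1 MAC

# Hypothetical record for one client-to-server UDP/123 datagram.
Datagram = namedtuple("Datagram", "src dst payload")

def inspect_ntp(dgram):
    """Return the reasons a client NTP datagram deviates from the baseline."""
    reasons = []
    if dgram.dst not in ALLOWED_SERVERS:
        reasons.append("destination not an approved NTP server")
    if len(dgram.payload) < 48:
        reasons.append("shorter than the 48-byte NTP header")
        return reasons
    first = dgram.payload[0]              # LI (2 bits) | VN (3 bits) | Mode (3 bits)
    version, mode = (first >> 3) & 0x7, first & 0x7
    if version not in (3, 4):
        reasons.append(f"unexpected NTP version {version}")
    if mode != 3:                         # mode 3 = client request
        reasons.append(f"unexpected mode {mode} for a client request")
    if len(dgram.payload) not in BASELINE_LENGTHS:
        reasons.append(f"unusual payload length {len(dgram.payload)}")
    return reasons

def triage(datagrams):
    """Map sample index -> reasons, for flagged datagrams only."""
    flagged = {}
    for i, d in enumerate(datagrams):
        reasons = inspect_ntp(d)
        if reasons:
            flagged[i] = reasons
    return flagged

# Constructed sample traffic (0x23 = LI 0, version 4, mode 3).
PLAIN = b"\x23" + bytes(47)
SAMPLES = [
    Datagram("10.1.1.20", "10.0.0.5", PLAIN),                  # normal poll
    Datagram("10.1.1.21", "203.0.113.9", PLAIN),               # unsanctioned server
    Datagram("10.1.1.22", "10.0.0.5", PLAIN + bytes(200)),     # oversized payload
    Datagram("10.1.1.23", "10.0.0.6", b"\x23" + bytes(9)),     # truncated
]

if __name__ == "__main__":
    for idx, why in triage(SAMPLES).items():
        print(SAMPLES[idx].src, "->", SAMPLES[idx].dst, why)
```

Well-formed 48-byte packets sent to an unsanctioned server trip only the allowlist check, so restricting outbound UDP/123 to approved time sources matters more than the header checks.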