C2 PowerShell Empire is a classic - but can you still use it with EDR (Defender) in place?
offensive security
3 min read
C2 2 min read
Evasion We made the bold claim that all AMSI evasions still work. But is that really true? Come along for the ride.
7 min read
C2 Let's try to do things the way they're done in real attacks. While the media recently was all over ConnectWise ScreenConnect, we instead focus on AnyDesk - which is used by many cybercriminals these days - in an Assumed Breach scenario.
4 min read
Cybersecurity Research We created a custom reverse shell from scratch and made it persistent - the result is scary, to say the least.
2 min read
Evasion I once made some architecture visualisations - maybe a chance to explain how these came to life and how I discovered: all evasions still work fine.
7 min read
Cybersecurity Research As promised, we continue executing code using rundll32 on a fully updated system.