*Proxy Command Execution/DLL Injection Via SyncAppvPublishingServer.vbs > PowerShell > rundll32 > Bad.dll vs Microsoft Defender for Endpoint*

This builds off a post I did yesterday; a colleague of mine () commented and asked about the above vector and endpoint detections. I tested the above vector without MDE protection just to see the mechanics, and then secured with MDE. You can find the resources I used to facilitate this attack below.

DLL: https://github.com/mvelazc0/defcon27_csharp_workshop/blob/master/Labs/lab6/ShellcodeInjectionDll/ShellcodeInjection.cpp
SyncAppvPublishingServer.vbs: https://mp.weixin.qq.com/s/Ud7TbeMJb8fsRlaGHWhBww

#infosec #cybersecurity #informationsecurity #threatintelligence #networksecurity #sec #security #tools #offensivesecurity #pentesting #redteam #blueteam

*PANDEMIC Counter Cyber Intelligence Automation*

Neo4j – Elastic – Custom Automation

Our next generation product ASATA will be powered by PANDEMIC counter cyber intelligence automation. We have put together a bit of a video to showcase some of the backend capabilities, as we are using it to apply for a cyber security accelerator cohort intake this fall. I thought it would be cool to share this information with our awesome followers as well. We really do appreciate all of you!! Great things are coming very soon!!

Whitepaper: https://www.cybermongol.ca/uploads/1/1/9/8/119816416/cyber_mongol_counter_cyber_intelligence.pdf

#infosec #cybersecurity #informationsecurity #threatintelligence #networksecurity #sec #security #tools #offensivesecurity #pentesting #redteam #blueteam
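The first post above describes a LOLBin chain (a script host running SyncAppvPublishingServer.vbs, which hands its argument to PowerShell, which in turn starts rundll32 with an attacker-supplied DLL) and asks what an endpoint detection for it looks like. The following is an added example written for this page, not code from the post's author, from Microsoft, or from either linked resource. It runs a process-ancestry detection over a handful of constructed process-creation events (field names loosely modelled on Sysmon Event ID 1 / MDE DeviceProcessEvents; the command lines, PIDs and the `C:\Users\lab\bad.dll` path are made up for the demo and are not the exact lines the .vbs builds). It flags the full wscript/cscript -> powershell -> rundll32 chain, and treats a rundll32 whose DLL lives outside System32/SysWOW64 as the suspicious leaf.

```python
import re
from typing import Dict, List, Optional

# Directories where rundll32 normally loads DLLs from. Heuristic only: an
# attacker with admin rights can drop a DLL into System32, so this is a
# prioritisation signal, not a proof of benignity.
SYSTEM_DLL_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")
SCRIPT_HOSTS = ("wscript.exe", "cscript.exe")
POWERSHELL = ("powershell.exe", "pwsh.exe")

# Constructed sample events (not real telemetry). pid/ppid link the chain.
EVENTS: List[Dict] = [
    {"pid": 100, "ppid": 1, "image": r"C:\Windows\explorer.exe", "cmd": "explorer.exe"},
    # Script host proxying extra commands through SyncAppvPublishingServer.vbs
    {"pid": 200, "ppid": 100, "image": r"C:\Windows\System32\wscript.exe",
     "cmd": r'wscript.exe C:\Windows\System32\SyncAppvPublishingServer.vbs "n; Start-Process rundll32.exe C:\Users\lab\bad.dll,Run"'},
    # PowerShell spawned by the script (command line is illustrative, not verbatim)
    {"pid": 300, "ppid": 200, "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmd": r'powershell.exe -NoProfile -Command "Sync-AppvPublishingServer n; Start-Process rundll32.exe C:\Users\lab\bad.dll,Run"'},
    # rundll32 loading a DLL from a user-writable location
    {"pid": 400, "ppid": 300, "image": r"C:\Windows\System32\rundll32.exe",
     "cmd": r"rundll32.exe C:\Users\lab\bad.dll,Run"},
    # Benign: rundll32 loading a System32 DLL directly under explorer
    {"pid": 500, "ppid": 100, "image": r"C:\Windows\System32\rundll32.exe",
     "cmd": r"rundll32.exe C:\Windows\System32\shell32.dll,Control_RunDLL"},
]


def _basename(path: str) -> str:
    """Lower-cased file name of a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def is_script_host_proxy(ev: Dict) -> bool:
    """wscript/cscript running SyncAppvPublishingServer.vbs with smuggled commands.

    The script forwards its argument to PowerShell, so a ';' inside the argument
    means additional commands are riding along with the expected token.
    """
    if _basename(ev["image"]) not in SCRIPT_HOSTS:
        return False
    m = re.search(r'syncappvpublishingserver\.vbs\s+"?([^"]*)', ev["cmd"], re.I)
    return bool(m) and ";" in m.group(1)


def rundll32_dll_path(ev: Dict) -> Optional[str]:
    """Extract the DLL path from a rundll32 command line; None if not rundll32."""
    if _basename(ev["image"]) != "rundll32.exe":
        return None
    # Drop the executable token, then keep everything before the ',' that
    # separates the DLL from its exported entry point.
    args = re.sub(r'^\s*"?[^"\s]*rundll32(\.exe)?"?\s*', "", ev["cmd"], flags=re.I)
    dll = args.split(",", 1)[0].strip().strip('"')
    return dll or None


def is_rundll32_nonsystem_dll(ev: Dict) -> bool:
    """True when rundll32 is pointed at a DLL outside the Windows system dirs."""
    dll = rundll32_dll_path(ev)
    if dll is None:
        return False
    return not dll.lower().replace("/", "\\").startswith(SYSTEM_DLL_DIRS)


def find_chains(events: List[Dict]) -> List[List[int]]:
    """Return [script_host_pid, powershell_pid, rundll32_pid] per full chain.

    Walks parent links from each suspicious rundll32 upward: its parent must be
    PowerShell and the grandparent a script host proxying through the .vbs.
    """
    by_pid = {ev["pid"]: ev for ev in events}
    chains = []
    for ev in events:
        if not is_rundll32_nonsystem_dll(ev):
            continue
        parent = by_pid.get(ev["ppid"])
        if parent is None or _basename(parent["image"]) not in POWERSHELL:
            continue
        grand = by_pid.get(parent["ppid"])
        if grand is None or not is_script_host_proxy(grand):
            continue
        chains.append([grand["pid"], parent["pid"], ev["pid"]])
    return chains


if __name__ == "__main__":
    for chain in find_chains(EVENTS):
        print("SyncAppvPublishingServer proxy chain detected, pids:", chain)
```

Each stage is also a useful standalone signal (a script host invoking SyncAppvPublishingServer.vbs with a semicolon in its argument; PowerShell whose parent is wscript/cscript; rundll32 loading from a user-writable path), but correlating all three by parent PID is what keeps the alert from firing on the legitimate App-V publishing refresh, which runs the same script without extra commands and never reaches rundll32.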