TOP 5 Tools Used By Cyber Criminals Recently
Cyber crime is taking next-level steps to take control of the digital world. Research done by an ethical hacking researcher of the International Institute of Cyber Security (IICS) shows an increase in…
Information security professionals explain that Harness is a remote access payload with the ability to provide a remote interactive PowerShell interface from a Windows system to almost any TCP socket. The…
An information security expert explains that Grouper is an unstable PowerShell module designed for use by pentesters and red teamers that filters the XML output of the Get-GPOReport cmdlet and identifies all the…
A group of information security professionals that does Active Directory audits recently noticed that they were repeating themselves over and over again. So, the experts decided to write as much of this…
Invoke-DOSfuscation is a PowerShell v2.0+ compatible cmd.exe command obfuscation framework. (White paper: https://www.fireeye.com/blog/threat-research/2018/03/dosfuscation-exploring-obfuscation-and-detection-techniques.html) Over the past several years we witnessed a myriad of obfuscation and evasion techniques employed by several threat…
Powerdown the PowerShell Attacks: Harnessing the power of logs to monitor the PowerShell activities. Lately, I have been working on analyzing the PowerShell attacks in my clients’ environment. Based on the…
PowerShell continues to be the tool of choice for defenders, IT administrators, and hackers. The extensibility, support, and ability to have a full-fledged programming language at your fingertips provide a…
Embedding a shortcut (.lnk file) that points to PowerShell (accompanied by an encoded command) in a Word document or zip file is a known sneaky trick to spread malware. The…
Just over one year ago (November 2015), I released WMIOps, a PowerShell script that enables a user to carry out different actions via Windows Management Instrumentation (WMI) on the local…
Increasingly, cyberattackers have been leveraging “non-malware” attack methods to target vulnerable organizations. Recently, the Carbon Black Threat Research Team was alerted about such an attack by a partner’s incident response…