
Abusing DCOM For Yet Another Lateral Movement Technique
#Security Testing #Offensive Security
MiniCPS is a framework for Cyber-Physical Systems real-time simulation with support for physical process and control devices simulation, and network emulation.
Exploring an Alternative Method for DCOM Lateral Movement Discovery and Payload Execution
This post examines an alternative approach for identifying DCOM lateral movement and executing payloads. This method focuses on locating DCOM registry keys and values that point to the path of a binary that is not present on the 'remote' machine. We provide an example demonstrating how this strategy can be effective if mobsync.exe is missing from its default location on Windows 2008 R2 and Windows 2012 R2 systems.
Other AI Tools

RTFSig
A simple JWT token brute force cracker

Reversing With Lena (Tutorials)
Falcon Sandbox is a malware analysis framework that provides in-depth static and dynamic analysis of files, offering hybrid analysis, behavior indicators, and integrations with various security tools.

Rootkit Hunter
Define and validate YARA rule metadata with CCCS YARA Specification.

ROPgadget Tool
A Scriptable Android Debugger for reverse engineers and developers.

Ropper
Automatic analysis of malware behavior using machine learning.

Sabotage: Code added to popular NPM package wiped files in Russia and Belarus
A dataset release policy for the Android Malware Genome Project, requiring authentication and justification for access to the dataset.