DDE attack with PowerShell Empire

#Security Testing #Offensive Security

Open-source project for building instrumented environments to simulate attacks and test detections.

Understanding the DDE Attack Using PowerShell

The DDE attack with PowerShell Empire weaponizes a Word document by embedding a PowerShell Empire-based payload. The method exploits the Microsoft DDE (Dynamic Data Exchange) vulnerability to execute code within MS Word and other Microsoft applications.

Further Information

The original research is published at: https://sensepost.com/blog/2017/macro-less-code-exec-in-msword/.

Carrying out this attack requires an Empire listener to be set up first.