A Complete Guide to Phishing Simulation with gophish

What is Phishing? Phishing is a social engineering attack used to obtain user information such as login credentials and credit card information. It happens when a malicious actor pretends to be someone or something trustworthy to trick a victim into opening an email, IM, or text message. Scenario: Consider a small business with 30 employees that...

IPv6 DNS Takeover

Even though the usage of IPv6 is gaining traction, it is rare to find an organization using it in its network. Most people do not realize that although most organizational networks communicate using IPv4, Windows versions since Windows Vista enable IPv6 by default and prefer it over IPv4. We are exploiting this functionality to gain...

Raspberry Pi Pentest Dropbox

There are situations where on-site penetration testing is not feasible. In such cases, it's better to go for a remote "pentest dropbox". The pentest dropbox, in this context, is a Raspberry Pi 4 which is shipped to a remote customer/client. The client will either connect the dropbox to an ethernet port or set the...

Antivirus Evasion (Pt. 2)

In Part 1 of our Antivirus Evasion series, we managed to get a meterpreter reverse shell while evading Windows Defender by writing an .exe file to disk and then executing it. Malware can also be run entirely in memory to avoid leaving any data on disk. One way to do this is by utilizing .NET...

Antivirus Evasion (Pt. 1)

Antivirus software in general uses signature-based and heuristics-based malware detection mechanisms. In this blog, we will learn and test some techniques to try and bypass such defences, and to get a fully functional meterpreter reverse shell from an updated Windows Server 2016 running Windows Defender. We will be utilizing multiple win32 APIs using C# and...