-
## Description
Living-off-the-land binaries (LoLBins) are used by different actors combined with fileless malware and legitimate cloud services to improve chances of staying undetected within an orga…
-
The Network control section has the following statements, which seem to contradict each other. Please resolve this apparent discrepancy or add some clarifying language.
Protect your Azure VMware S…
-
The document says, 'Integrated license for Microsoft Defender for Endpoint - Microsoft Defender for Servers includes [Microsoft Defender for Endpoint](https://www.microsoft.com/…
-
This is the error I get when trying to run 'python dettect.py generic -ds'
```
Traceback (most recent call last):
File "dettect.py", line 353, in
_menu(_init_menu())
File "dettect.py",…
```
-
### While executing the initial Reports ingestion
`python3 misp_import.py --reports`
```
[2022-08-19 21:27:14,136] (INFO) Start getting reports from Crowdstrike Intel API and pushing them as ev…
```
-
Is it possible to inject the Rootkit with C# natively or in some other way, without using PowerShell?
I say this because the injection with PowerShell is detected by many AVs. :://
-
- [ ] https://www.giac.org/paper/gcfa/11563/hunting-ghosts-fileless-attacks/150888
-
https://attack.mitre.org/techniques/T1038/
and
https://attack.mitre.org/techniques/T1073/ (specifically see some of the APT group examples)
Also investigate: HKEY_LOCAL_MACHINE\SYSTEM\Cur…
-
# Report
The PowerShell Fileless Script Execution doesn't work, due to iex interpreting the -path variable as a switch in Invoke-Expression, not within Set-Content.
See output below.
PS C:\Users\…
-
Hi, I'd like to report what I think could be a bug and a couple of suggestions (non feature requests, I know PR is the right path for that). Thanks in advance.
## Context
Please provide any rele…