Open BustedSec opened 7 years ago
Hey @BustedSec,
Thanks for the idea. The black detection was originally part of this PoC, but I found it was really bad at detecting shells, with both false positives and false negatives. Another project, https://github.com/linuz/Sticky-Keys-Slayer, extended this PoC and does use black pixel detection. However, I prefer to use this OpenCV script I wrote to do feature matching against screenshots of shells: https://github.com/ztgrace/junk_drawer/blob/master/screenshot_detect.py
Let me know if you have any questions.
Cheers, Zach
Have it scan the pictures for black pixels, which indicate a command prompt.