This post describes a new capability that has been deployed within PoshC2, which is designed to assist with revealing a wider set of target environment variables at the dropper stage, as part of operational security controls. Imagine the following scenario. You’ve deployed IP address white-listing on a proxy in order to limit implant installation to […]
Author Archive for: Doug McLeod
About Doug McLeod
This author has yet to write their bio. Meanwhile, let's just say that we are proud Doug McLeod contributed a whopping 2 entries.
Entries by Doug McLeod
Invoke-Pbind is a mini post exploitation framework written in PowerShell, which builds C2 communications over SMB named pipes using a push rather than a pull mechanism. Pbind was initially created to overcome lateral movement problems, specifically in restricted environments where the server VLAN could not directly talk to the user VLAN (as it should be […]