Search the Community
Showing results for tags 'APT'.
Hi, I wanted to learn how to perform ATP attacks. I have a problem with creating a backdoor / payload that will not be detected by antivirus systems and which will give me access to the attacked computer via a reverse connection. I'm not a good programmer, but I thought I would create my own code that would give me a system shell using the SSH reverse tunnel. I find that if it will be my code it will not be detectable for AV. Unfortunately, the more I think about it, I come to the conclusion that once I have such a system shell, I still have to provide a meterpreter payload, which will allow for more advanced work, and it will definitely detect the anti-virus. I want to learn but I do not know what to do in such a situation. How to create a meterpreter payload that will not be detected by AV? I see that msvenom generates already encoded payload. Is it possible to get such a payload not encrypted? Maybe if I changed his sources in pure C, it would be less detectable? I've tried veil, shellter, thefatrat, etc. But it does not help. Most AV immediately detect payload. I am mainly interested in payloads on MS Windows. Later I want to try Android.
Hi. I connected with Putty. OS is Debian. and I want to update it and I want to install android -tools-adb android-tools-fastboot. But I cant. Cause, happening some errors. I changed sources list. But same error. What's problem?
Hi, I have been playing a little with Powershell and have come up with a proof-of-concept using Powershell for APT. I have a full description of the code here: http://www.cron.dk/powershell-hacking/ Please drop me a note if you find it interesting. Best regards, Alex
Evening all, I am a Security Analyst with a number of years under my belt. I have worked for many organisations in quite a few different industries, namely Defence & Aerospace and Telecommunications. During my time working for a Defence & Aerospace company, I was heavily involved in APT investigations, APT group tracking and the field of threat intelligence (OSINT). I recently started a blog, Chimera Security and was wondering, what is the best way to get my brand out there and start generating traffic? I am already working on a few projects and will be posting write-ups of those over the next few weeks. The content on the blog is pretty slow at the minute but the amount of traffic the blog gets will increase the amount of content I create and get out there! Regards, - J _____________________________________________________ http://www.chimera-security.com http://www.twitter.com/ChimeraSecurity