SensePost | Blog

Masquerading Windows processes like a DoubleAgent.

Reading time: ~18 min

Posted by Philippe Vogler on 23 April 2020

Categories: Anti-virus, Malware, Persistence, Post-exploitation, Sysmon, Windows

I’ve been spending some time building new content for our Introduction to Red Teaming course, which has been great for...

Bypass
Command execution
Dns
Experiment
Ioc
Malware
Research
Tools
Tunnelling

Reading time: ~12 min

Posted by Leon Jacobs on 24 October 2018

Categories: Bypass, Command execution, Dns, Experiment, Ioc, Malware, Research, Tools, Tunnelling

or DNS exfiltration over DNS over HTTPS (DoH) with godoh “Exfiltration Over Alternate Protocol” techniques such as using the Domain...

Reading time: ~10 min

Posted by vlad on 19 February 2016

Categories: Research, Malware, Ransomware

A few days ago I was asked to have a look at the newly emerged crypto-ransomware threat “Locky” which utilises Dridex-like Command and Control...