Abusing DCOM For Yet Another Lateral Movement Technique
This post discusses an alternate DCOM lateral movement discovery and payload execution method by locating DCOM registry key/values that point to the path of a non-existing binary on the 'remote' machine, providing an example method that may work if mobsync.exe is not in the default location on Windows 2008 R2 and Windows 2012 R2 systems.
FEATURES
ALTERNATIVES
An open-source shellcode and PE packer for creating and managing portable executable files.
A tool that finds more information about a given URL or domain by querying multiple data sources.
Open-source project for building instrumented environments to simulate attacks and test detections.
Repository of tools for testing iPhone messaging by Project Zero
XAHICO Web Platform is a cloud-based solution for vulnerability detection, penetration testing, and adversary simulation, accessible through web browsers and suitable for various user levels.
A cross-platform tool for creating malicious MS Office documents with hidden VBA macros and anti-analysis features.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.