Truth be told, this isn’t really about bypassing AV. “Bypassing AV” would suggest a workflow of creation, execution, detection, analysis, modification, test, etc, which I certainly didn’t employ. The AV agents used by VirusTotal never detected the payload as malicious (nor did the AV product I use) so no bypass was actually required. Dart is…
I started this thing at work – we call it BugWeek – where a few times a year, the senior staff lock ourselves in my office and go to town on the corporate network. It’s a great way to find exposures that traditional vulnerability scanners don’t pick up, and it helps keep the blue team’s ‘red’ skills…
PowershellEmpire is basically a post-exploitation framework that utilises the widely-deployed PowerShell tool for all your system-smashing needs. It’s feels quite Metasploity with it text-driven menus, module management and execution functions, but it’s purely for generating PowerShell agents and post-exploitation evilness. Of course, Powershell being native to Windows means that AV is not a concern (for…
Apparently, the average person in Australia carries 2.6 devices. For me, the 0.6 is my Telstra Pre-Paid 4G WiFi modem. All the main Aussie telcos have offerings in this space (Telstra/Optus/Vodafone/Virgin Mobile), and the devices provided usually are Huawei, ZTE or Sierra Wireless wifi modems. I’ve been using this ZTE MF91 device as sold by…