
Author: sai

A Real World Adversary Labs

Server Software Component: Web Shell [T1505.003]

An attacker escalates privileges or maintains persistent access on an already compromised web application using a malicious script called a web shell. A web shell is used in the post-exploitation phase, as a web shell itself cannot attack or exploit a remote vulnerability. An attacker may take advantage of common web application vulnerabilities such as SQL injection, remote file…

Event Triggered Execution: AppInit DLLs [T1546.010]

What is AppInit DLL? It is the mechanism that allows a custom list of DLLs to be loaded into the address space of each user-mode process on the system. This helps attackers achieve persistence, as the DLL can be loaded and execute code when application processes are created on the system. But it is to be…

MITRE Shield

Understanding the increasingly complex threats faced by industrial and critical infrastructure organizations is not a simple task. A long-standing question is: how do you know that you are secure? MITRE has been diligently working to document tactics and techniques to actively defend against attacks and answer this very challenging question.…

Group Policy Modification [T1484]

What is a Group Policy Object (GPO)? A Group Policy Object (GPO) is a group of settings that can be used as a resource in a Microsoft operating system to control user accounts and user activity. The Group Policy Object is implemented in an Active Directory system and can be associated with a single or…