Рет қаралды 1,012
This week's video explores using IT management tools such as Anydesk, Atera, Teamviewer, Splashtop, and Plink as command and control (C2). Can your organization detect these tools? If not, I will show you how red teams can use these in their testing. Oh, and bonus, these always slip by AV/EDR.
DFIR Report
thedfirreport.com/2023/03/06/...
00:00 Introduction
01:49 Anydesk Usage and Detection
06:24 Teamviewer Usage and Detection
10:52 Atera Usage and Detection
14:30 Splashtop Usage and Detection
17:15 Plink for RDP Tunneling and Detection
23:29 Thanks for Watching!