Thanks! I think these techniques aren't emulated enough by Red/Purple Teams, so I want to make sure people know they exist.
@ohmsohmsohms 3 months ago
Thank you a bunch for this series. I'm a newbie when it comes to red teaming and you've been helping a bunch on my journey; I will edit the comment after I've watched :D Loved the video. Very interesting version of memprocfs; I used the tool once and had to resort to the pypykatz module. Since you showed it's possible, I will try to tweak it!
@CyberAttackDefense 3 months ago
Glad you enjoyed it. Thanks for watching!
@UsamaAli-kr2cw 3 months ago
Mind-blowing content as always. The only thing bothering me is that the memory dump size can be huge if our target systems are Windows servers, so how will we be able to exfiltrate that huge file without detection and while evading DLP?
@CyberAttackDefense 3 months ago
That's the catch with this technique. Now, if your rules of engagement allow software installation, you could cut it up with memprocfs on the box and exfil just the minidump.
@UsamaAli-kr2cw 3 months ago
@CyberAttackDefense Cool, thanks a lot sir ❤️❤️❤️❤️
@BEAST4LIF3 3 months ago
Do you happen to have a way for winpmem to be able to write to a remote location? Also, why you gotta flex the custom memprocfs like that... Sending me on a mission this weekend.
@CyberAttackDefense 3 months ago
I don't have a way to do this specifically; however, using any RAM capture works. Velociraptor or remote forensics collection utilities can collect RAM remotely.