Windows Red Team - Dynamic Shellcode Injection & PowerShell Obfuscation

In this video, I will be exploring the process of dynamically injecting Shellcode into portable executables and PowerShell obfuscation for the purpose of defense evasion on Windows.

Defense Evasion consists of techniques that adversaries use to avoid detection throughout their compromise. Techniques used for defense evasion include uninstalling/disabling security software or obfuscating/encrypting data and scripts.

//WE VALUE YOUR FEEDBACK
We hope you enjoyed the video and found value in the content. We value your feedback; if you have any questions or suggestions, feel free to post them in the comments section or contact us directly via our social platforms.

//THANK YOU!
Thanks for watching!
Благодарю за просмотр!
Kiitos katsomisesta
Danke fürs Zuschauen!
感谢您观看
Merci d'avoir regardé
Obrigado por assistir
دیکھنے کے لیے شکریہ
देखने के लिए धन्यवाद
Grazie per la visione
Gracias por ver
شكرا للمشاهدة

-----------------------------------------------------------------------------------
#redteaming #cybersecurity #pentesting
Comments
Author

you're killing it with this content Hackersploit, please upload more!! I've only seen a few of the red team videos but will def be watching more

RealCyberCrime
Author

The videos of HackerSploit are always Masterclass 💪.
The Explanations are perfectly clear.
Just MASTERCLASS.

fabricenade
Author

Awesome video. Always providing great content... Merry Christmas 🎉

baidysall
Author

I recently finished the PTSv2 course, you're a phenomenal teacher!

ilbona
Author

Alexis, first of all I want to thank you for this fantastic Red Team Fundamentals course!

I've done some testing, and unfortunately, despite the video being recent, almost none of the AV evasion techniques work:

1) Invoke-Obfuscation is the only technique that works.

2) Shellter is immediately detected, both with new versions of WinRar (32bit) and with older versions.

3) Shikata Ga Nai is not detected by Windows Defender using 45 iterations, but the listener does not receive the reverse connection.
I tried Shikata Ga Nai with different payloads created with MSFVenom, and with different iterations, but either it is detected or it does not make the reverse connection.

4) In no case was I able to obscure a reverse shell created with MSFVenom.


The tests were all conducted with Windows Defender on Windows 10 (64bit) in my laboratory.

If you have time and desire, you could update the obfuscation techniques by perhaps deepening the topic.

In any case, thanks as always, you're the best cybersecurity teacher.

See you soon.

korovamilkplus
Author

15'56'' You are fantastic... great

zarandija
Author

Gonna watch all your videos and comment after watching them

parkour.parkour
Author

Best hacking content ever 👍💯, keep up the good work

NightMaRe-xltr
Author

After a long time came with the video. Alex, my favourite mentor. Can I request any video topics?

arupsen
Author

Pretty hard to keep a good man down... Welcome Back HS...

mynealways
Author

These videos are great! One question though. Even if you evade the AV, won't the continuously running command prompt window in the background tip the blue team off?

netstreamer
Author

Awesome, thanks!
But most EDRs today are really good at stopping Shellter, from my experience.

Tathamet
Author

Great video. But I have a question: following all the steps, I get the infected executable file of WinRAR, but in my case Windows Defender then detects it as soon as I pass it on to the victim target. How can I avoid it? Thanks

gianlucasanfilippo
Author

As usual, great video. How many videos will come in this series?

rishabhrana
Author

Hi... I'm Jordan and I'm new to the channel

jordanyoung
Author

We follow your channel here in Brazil 🇧🇷✨ If possible, put subtitles in your videos!!!!

passaronegro
Author

Can you help me? I can't install PowerShell; it says "Package 'powershell' has no installation candidate"

GliddingHippo
Author

Input "sudo wine shellter.exe" prompts "wine: could not load kernel32.dll, status c0000135". What should I do?

xsTaoo
Author

Hello HackerSploit. Can you help me? I am interested in cybersecurity. Which books can you recommend to me? Which books should I read?

r.e.d
Author

My regards, brother! Is it possible to recover some photos that I had sent via Messenger on a Facebook account that I deleted at the beginning of the year? Were they automatically deleted from the recipient's inbox when my account was deleted?

vufyjmr