Tuesday, May 17, 2022

ElusiveMice: Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind

ElusiveMice – custom Cobalt Strike User-Defined Reflective Loader

This is a fork of Cobalt Strike’s User-Defined Reflective Loader, which in turn is a fork of Stephen Fewer’s ReflectiveDLLInjection implementation, but with a slight plot twist: it adds a few well-known AV/EDR evasion hooks/patches.

Whenever we issue execute-assembly or perform any other Cobalt Strike native action that injects a capability into a sacrificial process, Cobalt Strike will utilize its Reflective Loader to inject …
