Tuesday, October 19, 2021

Registry-Recon: Cobalt Strike Aggressor Script that Performs System/AV/EDR Recon

Author: Jess Hires

Description

As red-team practitioners, we often use tools that attempt to fingerprint details about a compromised system, preferably in the most stealthy way possible. Some of our usual tooling for this started getting flagged by EDR products due to the use of Windows CLI commands. This aggressor script aims to solve that problem by only probing the system using native registry queries, no CLI command…
