Cunningham’s Law states “the best way to get the right answer on the internet is not to ask a question; it’s to post the wrong answer.” While I haven’t been the target of any negative feedback, after posting my blog post: Executing Meterpreter in Memory on Windows 10 and Bypassing AntiVirus, I’ve realized that some…
Executing Meterpreter in Memory on Windows 10 and Bypassing AntiVirus
Recently I read the article on the Coalfire Blog about executing an obfuscated PowerShell payload using Invoke-CradleCrafter. This was very useful, as Windows Defender has upped its game lately and is now blocking Metasploit’s Web Delivery module. I wanted to demonstrate an alternate way to achieve the same goal, with the intention of not dropping…
Categories
n00py Blog
- The SOCKS We Have at Home
- Bypassing Amazon Kids+ Parental Controls
- Bypassing Okta MFA Credential Provider for Windows
- CactusCon 2023: BloodHound Unleashed
- Exploiting Resource Based Constrained Delegation (RBCD) with Pure Metasploit
- Practical Attacks against NTLMv1
- Password Spraying RapidIdentity Logon Portal
- Manipulating User Passwords Without Mimikatz
- Unauthenticated Dumping of Usernames via Cisco Unified Call Manager (CUCM)
- Adding DCSync Permissions from Linux
Archives
- January 2024
- April 2023
- February 2023
- January 2023
- October 2022
- March 2022
- January 2022
- September 2021
- May 2021
- December 2020
- August 2020
- May 2020
- February 2020
- January 2020
- December 2019
- June 2019
- March 2019
- October 2018
- August 2018
- June 2018
- April 2018
- March 2018
- January 2018
- December 2017
- November 2017
- October 2017
- September 2017
- August 2017
- June 2017
- April 2017
- March 2017
- January 2017
- October 2016