30 Apr 2021
PowerShell is a wildly effective tool for managing Windows devices and networks. Naturally, this also means that it can be used by threat actors to exploit targets. One big tactic used to side-step Endpoint Detection and Response, as well as forensic analysis after the fact, is code obfuscation. BTLO has a great challenge (medium difficulty) for analysing malicious PowerShell, so let’s dig into it!
26 Mar 2021
Keep these tools handy and check their man pages for help if you need ideas to get you through obtaining flags throughout the CTF!
18 Mar 2021
Introduction
As you probably already know, Metasploit is an amazing tool/framework for offensive exercises, audits, and penetration tests. It includes functionality for exploit development and integration of plugins from all sorts of other tools. I built this guide in early 2020 to aid co-workers in understanding its functionality and help them in experimenting with it on CTF events and online cyber challenges, so I hope it’s useful to others here interested in understanding the basics and building from there. For further reading, check the sources at the bottom of the guide!
17 Mar 2021
My name is Nic Finn, and I’m an InfoSec enthusiast/aspiring-expert!