Cobalt Strike Hunting — DLL Hijacking/Attack Analysis

DLL Hijacking via Cobalt Strike & Attack Analysis.

Agenda

  • Hijack Execution Flow: DLL Search Order Hijacking.
  • Payload extraction from the PCAP (VT, Triage, and CyberChef Analysis).
  • Attack Analysis.
  • DLL Hijacking via Cobalt Strike/Sysrep.

Security Researcher [RED&BLUE]

Michael Koczwara
