https://vimeo.com/153437917
When you're testing your defense systems a lot of time you want to use some of the newer techniques - so we added the WMI persistence stuff to CANVAS. Also I think that stuff is great fun anyways. Imagine a trojan that only runs when USB keys are popped into the system, for example. Seems cool to me!!! Likewise, the Java deserialization attacks we added for WebSphere, JBoss, etc. all are cross platform and don't touch disk. Not touching disk is really step-1 for being even remotely stealthy these days. Realistically you also have to write your whole framework to not call external programs as well. ENJOY THE NEW CANVAS EVERYONE! I KNOW I WILL. :) -dave
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dailydave mailing list [email protected] https://lists.immunityinc.com/mailman/listinfo/dailydave
