Anartz Martin
This article details a cybersecurity lab simulating the Astaroth malware attack chain using Living-off-the-Land Binaries (LOLBins). The lab demonstrates how attackers can abuse built-in Windows utilities such as BITSAdmin and ExtExport.exe, together with NTFS Alternate Data Streams, to stealthily download and execute malware. Multiple detection strategies are explored, including Sigma rules, Windows event log analysis, and Sysmon telemetry for identifying these attack methods.
This article explores persistence techniques used by attackers in Windows environments. Two primary methods are demonstrated: placing files in the Startup folder and modifying Windows Registry Run keys. The guide provides technical insight into how malware achieves persistence and how cybersecurity professionals can detect each method.