Anti-detection protection in Active Directory.

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

Dodging detection when attacking a domainunsplash.com

As you know, any attack is carried out in several stages. We successfully conducted reconnaissance, increased our own privileges, advanced wherever we wanted, and in the end managed to take over the entire network. But here’s the problem: we were found, cut off from the network and caught. In order to avoid this development of events, it is time to consider methods of protection against detection.

WARNING
All information is provided for informational purposes only. Neither the editorial board nor the author is responsible for any possible harm caused by the materials of this article.

Dodging memory scanners
Any actions in the system are registered in one way or another, and it will never be possible to completely hide from an experienced observer. But you can disguise yourself as much as possible. Most Red Teams or Pentesters use PowerShell to attack a domain. Moreover, it became so popular that whole frameworks appeared, for example, Empire and PowerSploit. Additionally, PowerShell scripts can be obfuscated using the same

Read the article