Weponization
Artifacts
Exe, DLL, Powershell scripts are artifacts.
This could be of two types. Stagged and Stageless
Executable and DLLs which are Stageless.
To generate Attacks->Packages-> Windows EXE(s)
If Generating a DLL we can run it by using: (Do check the architecture of the rundll32 or rundll64 before running)
rundll32.exe whatever.dll,StartW
Hosting a file on the C2 server
To host: Attacks -> Web Drive-by -> Host File
To manage and remove hosted files: Attacks -> Web Drive-by -> Manage
To Monitor log: View -> Web Log
Using Cobalt Strike Artifacts Kit: (Used For Ofuscation/AV Evation)
Help -> Arsenal
Last updated