Eyal Neemany has published a post on how to use PowerShell to expose command-line shell history. He notes that the biggest trend in the last few years is the use of non-malware attacks.

There are a few reasons why we see increased use of scripting-language-based malware:

  • Some of these scripting languages are installed by default on every Windows operating system.
  • They’re hard to detect because they leverage legitimate tools to perform malicious activity.
  • Shell-based attacks have the ability to exist only in memory.

The post also points to a useful tool, Get-ShellContent, which is available for download from the author’s GitHub.
