Cobalt-Strike/Attacks/Packages/HTML-application

From aldeid

Jump to navigation Jump to search

You are here

HTML application

Attack

This package generates an HTML application that runs a Cobalt Strike payload using an executable, a Powershell command or a VBA script.

Method

You may choose the Executable option to get an HTML Application that drops an executable to disk and runs it.
Choose the PowerShell option to get an HTML Application that uses PowerShell to run a payload.
Use the VBA option to silently spawn a Microsoft Excel instance and run a malicious macro that injects a payload into memory.

Obfuscation and tuning

Consider using the Resource Kit or morph-hta for obfuscation and tuning purposes.

Retrieved from "https://www.aldeid.com/w/index.php?title=Cobalt-Strike/Attacks/Packages/HTML-application&oldid=37415"

Penetration-testing

Share your opinion