https://clo.ng/categories/reverse-shell/ Recent content in Reverse-Shell on clo.ng Hugo en-US Sun, 21 Jan 2018 00:00:00 +0000 https://clo.ng/blog/osquery_reverse_shell/ Sun, 21 Jan 2018 00:00:00 +0000 https://clo.ng/blog/osquery_reverse_shell/ <h2 id="reverse-shell-detection">Reverse Shell Detection</h2> <p>One challenge when it comes to building defenses for MacOS are the numerous scripting languages that come pre-installed with the operating system. While it may be convenient for developers, it provides attackers with a variety of methods for establishing persistence and bootstrapping connections to command and control servers.</p> <p>Once attackers gain a foothold on systems, they frequently like to gain shell access by launching reverse shells. The benefits of this are well documented <a href="https://andreafortuna.org/cybersecurity/some-thoughts-about-reverse-shells/">here</a>. As you might expect, there are numerous ways to initiate these connections using native utilities such as:</p>