Using LOLbins for Tool Downloads
LOLbins won’t have you laughing when threat actors “live off the land” by leveraging tools and capabilities that are already present in the target environment to achieve their objectives. Learn how to detect common adversary techniques such as Ingress Tool Transfer in this course.
Course Description
“LOL”, in this case, is an acronym for “Living off the Land”. This term is used when an adversary leverages tools and capabilities that are already present in the target environment to execute additional TTPs and achieve objectives. In the case of T1105: Ingress Tool Transfer, that means using programs like FTP that are already present on a target system to download more tools to that system.
The primary risk from this technique is that the adversary will achieve an expansion of their capabilities within the target environment, system, or application through additional tooling.
Apply what you learn and get the hands-on skills you need in Cybrary’s MITRE ATT&CK Framework courses aligned to the tactics and techniques used by the threat group APT41 (aka Double Dragon). Prevent adversaries from accomplishing the tactic of command and control.
Module 1: APT41 Introduction
Module 2: Using LOLbins for Tool Downloads