[Sukob]

I would like to hear some ideas from the community on modern implant design.
Feel free to respond with your favorite unique idea when it comes to implant design
try not to talk about EDR evasion and such but rather the design of the implant itself and how
it interacts with your command and control server

---

I would like to hear some ideas from the community on modern implant design.
Feel free to respond with your favorite unique idea when it comes to implant design
try not to talk about EDR evasion and such but rather the design of the implant itself and how
it interacts with your command and control server

I will start, coolest idea so far I have seen it DropboxControl
https://thehackernews.com/2022/11/worok-...ain%20file.
using Dropbox API to exfiltrate malware. I am considering writing my own implementation and posting here once finished.

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Self-Ban | Retired |http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you wish to be unbanned in the future.

[notagh0st]

When you say implant, are you just referring to malware in general? For data exfiltration, I think it depends how much data you're talking about. You definitely don't want Dropbox to be able to know what was taken, so even though you're exfiling it, it still is worthwhile to zip and encrypt it. Or you can create your own filesharing host on your own server and then you don't have to worry about that. Some environments are going to have things like that blocked, though. In that case you'd need to get more creative, such as sending it over a TCP protocol that is allowed, or hiding the data inside an allowed content type like an image or a video and uploading that.