https://r0tbyt3.dev/tags/c2-and-networking/Recent content in C2-and-Networking on Jesus OsegueraHugoen-ushttps://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/alertable-functions/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/alertable-functions/Alertable Functions Alertable Functions - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/apc-queues/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/apc-queues/APC Queues APC Queues - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/automated-c2-infrastructure-setup/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/automated-c2-infrastructure-setup/Automated C2 Infrastructure Setup Automated C2 Infrastructure Setup - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/C2 and Networking C2 and Networking - command-and-control communication patterns, protocol abuse, and network-based techniques used in post-exploitation operations. Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/c2-communication-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/c2-communication-techniques/C2 Communication Techniques C2 Communication Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/command-and-control-patterns/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/command-and-control-patterns/Command and Control Patterns Command and Control Patterns - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/custom-smb-client/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/custom-smb-client/Custom SMB Client Custom SMB Client - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/data-exfiltration-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/data-exfiltration-techniques/Data Exfiltration Techniques Data Exfiltration Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/domain-generation-algorithms-dga/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/domain-generation-algorithms-dga/Domain Generation Algorithms (DGA) Domain Generation Algorithms (DGA) - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/domain-registration-kill-switch/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/domain-registration-kill-switch/Domain Registration Kill Switch Domain Registration Kill Switch - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/download-and-upload-via-smb/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/download-and-upload-via-smb/Download and Upload via SMB Download and Upload via SMB - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/download-file-via-bits/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/download-file-via-bits/Download File via BITS Download File via BITS - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/execute-shell-command/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/execute-shell-command/Execute Shell Command Execute Shell Command - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/fetch-payload-via-url/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/fetch-payload-via-url/Fetch Payload via URL Fetch Payload via URL - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/fetch-payload-via-url-using-iwinhttprequest-com-interface/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/fetch-payload-via-url-using-iwinhttprequest-com-interface/Fetch Payload via URL using IWinHttpRequest COM Interface Fetch Payload via URL using IWinHttpRequest COM Interface - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/file-upload-via-smb/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/file-upload-via-smb/File Upload via SMB File Upload via SMB - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/get-payload-from-url/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/get-payload-from-url/Get Payload from URL Get Payload from URL - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/introduction-to-havoc-c2/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/introduction-to-havoc-c2/Introduction to Havoc C2 Introduction to Havoc C2 - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/list-smb-files/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/list-smb-files/List SMB Files List SMB Files - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/malware-kill-date/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/malware-kill-date/Malware Kill Date Malware Kill Date - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/malware-working-hours/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/malware-working-hours/Malware Working Hours Malware Working Hours - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/msgwaitformultipleobjectsex-alertable-function/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/msgwaitformultipleobjectsex-alertable-function/MsgWaitForMultipleObjectsEx Alertable Function MsgWaitForMultipleObjectsEx Alertable Function - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/multiple-alertable-functions/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/multiple-alertable-functions/Multiple Alertable Functions Multiple Alertable Functions - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/named-pipes/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/named-pipes/Named Pipes Named Pipes - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/powershell-execution-via-.net-hosting-api/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/powershell-execution-via-.net-hosting-api/PowerShell Execution via .NET Hosting API PowerShell Execution via .NET Hosting API - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes Proxy Execute NtAllocateVirtualMemory with Timer APIs Proxy Execute NtAllocateVirtualMemory with Work Item APIs Proxy Execute NtCreateThreadEx with Work Item APIs Reverse Shell Reverse Shells Overview Running JScript Code in Memory Send Keystrokes to Remote Server Shell Execution SignalObjectAndWait Alertable Function SleepEx Alertable Function Upload File via SMB User Shared Data Delay WaitForMultipleObjectsEx Alertable Function WaitForSingleObjectEx Alertable Function WMI Queryhttps://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/proxy-execute-ntallocatevirtualmemory-with-timer-apis/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/proxy-execute-ntallocatevirtualmemory-with-timer-apis/Proxy Execute NtAllocateVirtualMemory with Timer APIs Proxy Execute NtAllocateVirtualMemory with Timer APIs - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/proxy-execute-ntallocatevirtualmemory-with-work-item-apis/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/proxy-execute-ntallocatevirtualmemory-with-work-item-apis/Proxy Execute NtAllocateVirtualMemory with Work Item APIs Proxy Execute NtAllocateVirtualMemory with Work Item APIs - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/proxy-execute-ntcreatethreadex-with-work-item-apis/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/proxy-execute-ntcreatethreadex-with-work-item-apis/Proxy Execute NtCreateThreadEx with Work Item APIs Proxy Execute NtCreateThreadEx with Work Item APIs - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/reverse-shell/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/reverse-shell/Reverse Shell Reverse Shell - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/reverse-shells-overview/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/reverse-shells-overview/Reverse Shells Overview Reverse Shells Overview - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/running-jscript-code-in-memory/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/running-jscript-code-in-memory/Running JScript Code in Memory Running JScript Code in Memory - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/send-keystrokes-to-remote-server/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/send-keystrokes-to-remote-server/Send Keystrokes to Remote Server Send Keystrokes to Remote Server - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/shell-execution/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/shell-execution/Shell Execution Shell Execution - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/signalobjectandwait-alertable-function/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/signalobjectandwait-alertable-function/SignalObjectAndWait Alertable Function SignalObjectAndWait Alertable Function - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/sleepex-alertable-function/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/sleepex-alertable-function/SleepEx Alertable Function SleepEx Alertable Function - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/upload-file-via-smb/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/upload-file-via-smb/Upload File via SMB Upload File via SMB - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/user-shared-data-delay/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/user-shared-data-delay/User Shared Data Delay User Shared Data Delay - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/waitformultipleobjectsex-alertable-function/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/waitformultipleobjectsex-alertable-function/WaitForMultipleObjectsEx Alertable Function WaitForMultipleObjectsEx Alertable Function - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/waitforsingleobjectex-alertable-function/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/waitforsingleobjectex-alertable-function/WaitForSingleObjectEx Alertable Function WaitForSingleObjectEx Alertable Function - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/wmi-query/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/wmi-query/WMI Query WMI Query - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .