Create your own custom implant
2024-07-31 | #redteaming
A few days ago I read a fantastic blog post by Forrest Kasler that piqued my curiosity. In the blog post, titled ‘Deep Sea Phishing Pt.1’, Kasler argues that custom payloads are (usually) better than stock shellcode because the EDR has already seen the stock shellcode generated by the C2 framework of your choice a few times.