I'm an infosec geek that enjoys breaking, building, hiking and taking pretty pictures. I am also the developer behind PS>Attack, a tool designed to make using offensive PowerShell easier for pentesters.
And once again, I wish I had my dog's life.
I haven't been in information security for a very long time, I actually just recently passed the three year mark. But as I've talked with people and grown my very long list of people I look up to, I've come to notice and respect certain traits that come with being a mature infosec professional.
Application Compatibility Shims has been a popular persistence mechanism for at least a couple of years now and as our job is to emulate real world threats, I decided to spend some time learning how they worked, how they can be abused and how you can defend against them. Theres already a lot of great resources out there on this technique, but this article fills in some missing details that I encountered during my research.
It looks like Eli found Bruisers training pads while we were at work today.
Woot. Lunch with the wife.
It's a good day in the office.