Abstract

Several security tools have been described in recent times to assist security teams; however, the effectiveness and success remain limited to specific devices. Phishing is a type of cyberattack that uses fraudulent emails and websites to obtain personal information from unsuspecting users, such as passwords and credit card numbers. Hackers can gain access to your information through a variety of methods, and the most common of which are king, phishing, spear phishing, social engineering, and dictionary attacks. Each of these techniques is unique, but they all have the same goal: to obtain your personal information. Nevertheless, there is the potential to exploit this problem in terms of security. In this paper, we used the Bash Bunny (BB), a new tool designed to assist military, law enforcement, and penetration tester teams with their work to conduct exfiltration without privilege escalation through T1200, T1052, and T1052.001 techniques in air-gapped networks with effectiveness/success 99.706%.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.