
Targeted attacks with public tools
- Process and memory injection
- Anti-malware evasion
- File-less attacks (including Microsoft PowerShell)

| Toolkit Compromise Rates (with no detection) | 2018 – 2019 |
|---|---|
| Shellter | 4% |
| Veil | 4% |
| PowerShell Empire | 20% |

Blocked or Neutralised = Protection
+ Complete Remediation = Complete Protection

| Shellter Detection and Protection Rates | 2018 Q1 | 2018 Q2 | 2018 Q3 | 2018 Q4 | 2019 Q1 |
|---|---|---|---|---|---|
| Detection rate | 97% | 95% | 94% | 100% | 96% |
| Protection rate | 79% | 74% | 75% | 88% | 94% |
| Complete protection | 41% | 45% | 49% | 66% | 76% |

| Veil Detection and Protection Rates | 2018 Q1 | 2018 Q2 | 2018 Q3 | 2018 Q4 |
|---|---|---|---|---|
| Detection | 96% | 96% | 94% | 100% |
| Protection | 81% | 82% | 87% | 92% |
| Complete Protection | 63% | 68% | 70% | 75% |

| PowerShell Empire Detection and Protection Rates | 2018 Q3 | 2018 Q4 | 2019 Q1 |
|---|---|---|---|
| Detection | 77% | 78% | 86% |
| Protection | 70% | 75% | 86% |
| Complete Protection | 54% | 75% | 60% |

| Phantom Evasion Detection and Protection Rates | 2019 Q1 |
|---|---|
| Detection | 97% |
| Protection | 91% |
| Complete Protection | 69% |

| Metasploit Evasion Detection and Protection Rates | 2018 Q4 | 2019 Q1 |
|---|---|---|
| Detection | 100% | 99% |
| Protection | 86% | 94% |
| Complete Protection | 55% | 77% |

*** This is a Security Bloggers Network syndicated blog from SPECIAL EDITION authored by Simon PG Edwards. Read the original post at: http://blog.selabs.uk/2019/08/targeted-attacks-with-public-tools.html