✔️ Ability to use the right malware incarnation during an engagement
✔️ Knowledge of how to use malware while keeping your test within the rules of engagement
✔️ Ability to maintain access to a compromised machine
Malware → short for Malicious Software
small piece of code
spreads from computer to computer
without direct action or authorization from the owner
copy themselves into:
special sections of the hard disk
legitimate docs or programs
run every time the infected file is run
malware embedded in a seemingly harmless file
type most used by pentesters:
backdoors → allow us to get a shell on the infected system
executed once the infected executable is run
software made up of both a client and a server
backdoor server runs on the victim machine
listens on the network
accepts connections