cybersec+ shells

12 Terms

1

Reverse Shell

A remote shell session initiated from the victim's computer back to the attacker's listening server. This technique helps bypass firewalls by making the connection appear as legitimate outbound traffic.

2

Listener

A program or command an attacker runs on their own server to wait for an incoming connection from a victim's payload, typically to catch a reverse shell (e.g., nc -lvp 443).

3

Payload / Stager

The malicious code or script executed on a victim's machine that initiates the connection back to the attacker's listener to establish a remote shell.

4

Netcat (nc)

A versatile command-line networking utility used to read from and write to network connections. It is a common tool for creating listeners and executing reverse shell payloads.

5

Egress Filtering

A network security control that restricts or blocks outbound traffic leaving an internal network. It's a key defense against reverse shells by preventing connections to unauthorized external ports and IP addresses.

6

Application Allow-listing

A security policy that explicitly defines which programs are allowed to run on a system. Any application not on the list is blocked, preventing the execution of unauthorized tools like nc.exe.

7

PowerShell

An advanced, object-oriented command-line shell and scripting language for Windows. It is heavily used in system administration and security for automation and management.

8

cron

A time-based job scheduler in Unix-like operating systems. It is used to automate and schedule the execution of scripts or commands at specific intervals, which can be used to maintain persistence for a backdoor.

9

Metasploit Framework

A popular open-source penetration testing framework used to discover, exploit, and validate vulnerabilities. It includes numerous tools for generating reverse shell payloads.

10

Cobalt Strike

A commercial threat emulation software platform used by red teams for advanced adversary simulations. It is a powerful command-and-control (C2) framework known for its sophisticated reverse shell capabilities.

11

Stateful Firewall

A firewall that tracks the state of active network connections. Because it automatically allows return traffic for connections initiated from inside the network, it can be bypassed by a reverse shell.

12

EDR / NGAV

Endpoint Detection and Response / Next-Generation Antivirus. Advanced endpoint security solutions that use behavioral analysis, memory scanning, and script-blocking to identify and stop threats like fileless malware and reverse shells.