Welcome to the second of CounterTack’s four-part video series on Advanced Threats. In this video we will be demonstrating a Meterpreter session using the Metasploit framework on a Kali Linux Virtual Machine. We will keep the Meterpreter session strictly in memory. This is known as a file-less based attack.
In the first half of the video, we will use Windows 7 running McAfee Antivirus on the victim machine. In the second half of the video, we will demonstrate the same memory-only based attack on the Windows 7 machine, this time running CounterTack’s EDR solution on the endpoint.
CounterTack’s EDR solution is behavior-based instead of signature-based; it detects new variants of malware regardless of new packing technique and other forms of obfuscation. CounterTack features memory-based analysis using our Digital DNA technology and automated remediation to catch never-before-seen attacks and automatically stop it in its tracks.
Learn about how CounterTack can help you protect against memory-only attacks in the video above! Check out our previous Advanced Threat video here.