Tagged: RDPHijack

September 23, 2022

RDPHijack: uses WinStationConnect API to perform local/remote RDP session hijacking

BOF – RDPHijack Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking. With a valid access token / kerberos ticket (e.g., golden ticket)...

Tagged: RDPHijack

RDPHijack: uses WinStationConnect API to perform local/remote RDP session hijacking

Search

Brilliantly

Content & Links