COM-Hunter is a COM Hijacking persistence tool written in C#. The tool tries to find useful general CLSIDs. It also tries to find valid CLSIDs via Task Scheduler. Its Find-persist and Find-tasksch functionalities try to find out whether someone has already used a valid CLSID for COM persistence. Last but not least, it uses persist mode to automate persistence via general CLSIDs, Task Scheduler and the TreatAs key. This talk is the official presentation of COM-Hunter.
COM Hijacking VOODOO
Cyber Security Consultant at EY
About Nikos Vourdas
Nick Vourdas is a “Young Padawan” and Cyber Security Consultant based in Greece. He has a dream that one day he will become a “Jedi Master”. Nikos studied at the University of Western Macedonia (Kozani, Greece) as an Informatics Telecommunication Engineer. He holds the OSCP and OSWP certifications. His prior working experience includes the Cyber Security Directorate department of the Greek National Defense. From the age of 18, Nikos has participated in BSides Athens and BSides Cyprus as a CTF organizer. He loves open source, but one day Microsoft’s Active Directory “stole” his heart… He has evolved to Web Application, Internal and External Infrastructure Penetration Tests and Source Code Reviews. You can call him “nickvourd” or “ncv”. His favorite phrase/slogan is “Last but not least, It is what it is, boyz!”.