Secondary Categories: 02 - Defense Evasion, 02 - Persistence
Watershell
This amazing tool allows an attacker to run commands while bypassing iptables or other Linux packet filters. It works by sniffing for UDP or TCP datagrams on a specified port and running the command if a keyword is found in the packet.
The keywords used in the original repo are "run" and "status".