Tag
high
advisory
Komari Agent Abused as SYSTEM-Level Backdoor
2 rules 4 TTPs 2 IOCs
Threat actors are abusing the Komari monitoring agent, a project hosted on GitHub, as a SYSTEM-level backdoor following initial access through compromised VPN credentials and lateral movement via Impacket.
Defender +2
komari
backdoor
nssm
github
rat
reverse shell
medium
advisory
Potential Reverse Shell via Java on Linux
2 rules 2 TTPs
The execution of a Linux shell process from a Java JAR application following an incoming network connection may indicate reverse shell activity.
Elastic Defend
reverse-shell
java
linux
execution
high
advisory
Potential Command Shell via NetCat Execution
2 rules 3 TTPs
The rule identifies potential attempts to establish a reverse shell with the netcat utility in order to run Windows commands via Cmd.exe or PowerShell.
Elastic Defend
reverse shell
netcat
command execution
windows