Execution with macro_pack

Knowing how to masquerade malicious content into legitimate files is key when performing phishing attacks. In this course, you will explore the macro_pack tool, which allows you to hide malicious payloads into Microsoft Office files.
Course info
Level
Intermediate
Updated
Sep 4, 2020
Duration
23m
Table of contents
Description
Course info
Level
Intermediate
Updated
Sep 4, 2020
Duration
23m
Description

Masquerading malicious files into legitimate files is crucial for a successful phishing attack. When the malicious payload is hidden into legitimate documents, the victims are more likely to open the file, giving us access to their computer. In this course, Execution with macro_pack, you will see one of the most useful tools for malicious file masquerading, the macro_pack. First, you will learn the basics about malicious file masquerading and an overview of the macro_pack tool. Next, you will explore how to hide a Metasploit Meterpreter payload into a Microsoft Word file. Finally, you will learn how to create a file dropper with the macro_pack, which can be used to distribute malware hosted in remote servers via unsuspicious Microsoft Excel spreadsheets. When you are finished with this course, you will have the skills and knowledge of the macro_pack tool to masquerade malicious payloads into Microsoft Office files and covers three important tactics from the MITRE ATT&CK framework: User Execution - Malicious File (T1204.002), Command and Scripting Interpreter - Visual Basic (T1059.005) and Phishing - Spearphishing Attachment (T1566.001).

About the author
About the author

Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 10+ years of IT experience, 6 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.

More from the author
Credential Access with Responder
Intermediate
20m
Sep 18, 2020
Discovery with ADRecon
Intermediate
22m
Sep 18, 2020
More courses by Ricardo Reimao
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview (Tool Introduction)
Hey there. Welcome to Pluralsight. In this cybersecurity tools course, you'll learn how to hide malicious payloads into legitimate Office files using the macro_pack tool. One way to really increase your chance of a successful phishing attack is masquerading malicious code into files that look legitimate to the victim. The macro_pack is a tool that help us to hide malicious payloads into Microsoft Office files, such as Word documents and Excel spreadsheets. In this way, our victims will not suspect about the email attachment and more likely will open it. In this course, you'll learn how to use the macro_pack tool to masquerade any kind of malicious file so they look legit to our victim. We start by learning the basics about malicious file masquerading and have an overview of the macro_pack tool. After that, we'll explore in our first demo how to hide a Metasploit Meterpreter payload into a legitimate Microsoft Word file. And finally, you'll learn how to create a file dropper with a micro_pack tool, which can then be used to distribute Malware hosting remote servers via unsuspicious Microsoft Excel spreadsheets. So, whether you're trying to hide malicious code for phishing attacks and a red team engagement or just looking to test the security awareness of your own company, join me and learn how to masquerade malicious files using the macro_pack tool, here at Pluralsight.