Antak.Web.Shell
Description
This indicates an attempt to use Antak web shell.
Antak is written in ASP.NET and it is a tool included in Nishang, which is often used in penetration testing. Antak can execute PowerShell commands.
Affected Products
Any compromised server with PowerShell
Impact
System Compromise: Remote attacker can gain control of vulnerable systems.
Recommended Actions
If required, the signature's action can be set to "Block".
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |