Common Information
| Type | Value |
|---|---|
| Value |
JavaScript - T1059.007 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may abuse various implementations of JavaScript for execution. JavaScript (JS) is a platform-independent scripting language (compiled just-in-time at runtime) commonly associated with scripts in webpages, though JS can be executed in runtime environments outside the browser.(Citation: NodeJS) JScript is the Microsoft implementation of the same scripting standard. JScript is interpreted via the Windows Script engine and thus integrated with many components of Windows such as the [Component Object Model](https://attack.mitre.org/techniques/T1559/001) and Internet Explorer HTML Application (HTA) pages.(Citation: JScrip May 2018)(Citation: Microsoft JScript 2007)(Citation: Microsoft Windows Scripts) JavaScript for Automation (JXA) is a macOS scripting language based on JavaScript, included as part of Apple’s Open Scripting Architecture (OSA), that was introduced in OSX 10.10. Apple’s OSA provides scripting capabilities to control applications, interface with the operating system, and bridge access into the rest of Apple’s internal APIs. As of OSX 10.10, OSA only supports two languages, JXA and [AppleScript](https://attack.mitre.org/techniques/T1059/002). Scripts can be executed via the command line utility <code>osascript</code>, they can be compiled into applications or script files via <code>osacompile</code>, and they can be compiled and executed in memory of other programs by leveraging the OSAKit Framework.(Citation: Apple About Mac Scripting 2016)(Citation: SpecterOps JXA 2020)(Citation: SentinelOne macOS Red Team)(Citation: Red Canary Silver Sparrow Feb2021)(Citation: MDSec macOS JXA and VSCode) Adversaries may abuse various implementations of JavaScript to execute various behaviors. Common uses include hosting malicious scripts on websites as part of a [Drive-by Compromise](https://attack.mitre.org/techniques/T1189) or downloading and executing these script files as secondary payloads. Since these payloads are text-based, it is also very common for adversaries to obfuscate their content as part of [Obfuscated Files or Information](https://attack.mitre.org/techniques/T1027). |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2050-08-03 | 29 | Kiddoware Kids Place Parental Control Android App 3.8.49 XSS / CSRF / File Upload - CXSecurity.com | ||
| Details | Website | 2044-04-01 | 13 | Attackers Repurposing existing Python-based Malware for Distribution on NPM | ||
| Details | Website | 2024-11-17 | 0 | Phishing emails increasingly use SVG attachments to evade detection | ||
| Details | Website | 2024-11-17 | 3 | 4T$-CTF Writeup — “Stirling” | ||
| Details | Website | 2024-11-17 | 8 | “Embarking on API Security Testing: A Beginner’s Guide to Understanding APIs and Utilizing Postman”… | ||
| Details | Website | 2024-11-17 | 2 | Hacking Into Pizza Paradise: A CTF Journey to the Flag | ||
| Details | Website | 2024-11-17 | 0 | SQL Injection vs. Cross-Site Scripting (XSS): Know the Difference! | ||
| Details | Website | 2024-11-17 | 2 | Phishing emails increasingly use SVG attachments to evade detection | ||
| Details | Website | 2024-11-16 | 2 | Guide to Becoming an Ethical Hacker: From Basics to Advanced Knowledge | ||
| Details | Website | 2024-11-16 | 18 | Look This ! | ||
| Details | Website | 2024-11-16 | 18 | Browser’s Secret Diary: Memory Dumps Unveiled | ||
| Details | Website | 2024-11-16 | 10 | How Did I Get My First Collaboration Bounty Of $1000? | ||
| Details | Website | 2024-11-16 | 0 | Boost Your Cybersecurity Career With These 7 Hands-on Projects | ||
| Details | Website | 2024-11-16 | 25 | How I Turned a Low Blind SSRF Into a Critical Vulnerability With Strategic Impact Escalation | ||
| Details | Website | 2024-11-16 | 4 | Account takover of an online casino | ||
| Details | Website | 2024-11-16 | 0 | Exploring the Essentials of Hacking, Virtual Machines, Linux, and Networking | ||
| Details | Website | 2024-11-16 | 25 | BugBounty — Mastering the Basics (along with Resources)[Part-4] | ||
| Details | Website | 2024-11-16 | 2 | Nextjs Certification? | ||
| Details | Website | 2024-11-16 | 1 | The Ultimate Cybersecurity Study Guide: Your Roadmap to Mastery | ||
| Details | Website | 2024-11-16 | 0 | Introduction to Dharma - Part 1 — Haboob | ||
| Details | Website | 2024-11-15 | 0 | Web Siteleri ve platform Neden IP Adreslerini Kaydederler ? | ||
| Details | Website | 2024-11-15 | 2 | ハッカー、macOSの拡張ファイル属性を使って悪意のあるコードを隠す - PRSOL:CC | ||
| Details | Website | 2024-11-15 | 18 | Browser’s Secret Diary: Memory Dumps Unveiled | ||
| Details | Website | 2024-11-15 | 38 | BrazenBamboo Weaponizes FortiClient Vulnerability to Steal VPN Credentials via DEEPDATA | ||
| Details | Website | 2024-11-15 | 11 | Phishing Sitelerinin Anatomisi |