Tag: Sandman
Sandman: NTP based backdoor for red team engagements
Sandman is a backdoor that is meant to work on hardened networks during red team engagements. Sandman works as a stager and leverages NTP (a protocol to sync time & date) to get and run arbitrary shellcode from a predefined server. Since NTP is a protocol that is overlooked by many defenders…