Discovering Splinter: A First Look at a New Post-Exploitation Red Team Tool

A new post-exploitation red team tool called Splinter, written in Rust, was discovered on customer systems. Splinter, which uses a task-based model and includes features like command execution and file upload/download, highlights the need for continuous tracking and detection of such tools. Palo Alto Networks customers are protected through Advanced WildFire, Cortex XDR, and XSIAM.