https://connar.github.io/tags/vsto/Recent content in Vsto on Journal of ConnarHugo -- 0.147.3en-ushttps://connar.github.io/posts/weaponizing-vsto-files/Mon, 01 Jan 0001 00:00:00 +0000https://connar.github.io/posts/weaponizing-vsto-files/<h1 id="exploring-vsto-plugins-for-initial-access">Exploring VSTO plugins for initial access</h1> <h2 id="introduction">Introduction</h2> <p>In continuation of the <a href="https://connar.github.io/posts/weaponizing-xll-files/"><em>Weaponizing xll files</em></a>, we will now review another way of phishing. This time, we will explore <code>VSTO</code>.</p> <div align="center"> <img src="https://connar.github.io/posts/weaponizing-vsto-files/vsto-logo.png" alt="blackmatter-logo"> </div> <p><code>VSTO</code> is a devkit that allows you to craft .NET Office Add-ins shipped within an Office document (like how we did with <code>xll</code> in <code>excel</code>).<br> It allows your code to run within the .NET Framework Common Language Runtime (CLR) directly inside the memory space of Word, Excel or Outlook.<br> This more or less seems like an additional way of phishing for initial access.</p>