Skuggaheimar/Threat Intelligence/Interactsh
INTERACTSH
INTERACTSH
SECURITY TOOL / TECHNIQUE
PROJECTDISCOVER
Threat IntelligenceMalwareJune 22, 202515 min read

Interactsh: Threat Intelligence Profile

OOB interaction testing tool

Scroll

Interactsh / Interact.sh (also known as Interactsh, interact.sh, oast.pro) is a security tool / technique active since 2021. OOB interaction testing tool. Key characteristics include: out-of-band DNS/HTTP/SMTP callbacks, vulnerability confirmation, abused for data exfiltration.

Overview & Background

OOB interaction testing tool. First identified in 2021, this threat is attributed to ProjectDiscovery (legitimate).

Threat Assessment

Interactsh remains an active threat. Organizations should implement detection rules and monitor for indicators associated with this security tool / technique.

Technical Analysis

Interactsh employs the following capabilities and techniques:

MITRE ATT&CK Mapping

TacticTechniqueUsage
Initial AccessT1566.001 Phishing AttachmentCommon delivery vector
ExecutionT1204.002 Malicious FileUser-triggered execution
PersistenceT1547.001 Registry Run KeysAutostart persistence
Defense EvasionT1027 Obfuscated FilesPayload obfuscation
C2T1071.001 Web ProtocolsHTTP/HTTPS C2

Detection & Defense

Defend Against Interactsh

Mjolnir Security provides detection and response capabilities against Interactsh and similar threats.

Threat DetectionIncident ResponseThreat HuntingMDR ServicesThreat Intelligence
  • Proactive Threat Hunting Hunt for Interactsh indicators and TTPs within your environment.
  • Threat Intelligence Monitor Interactsh campaigns and infrastructure changes.
  • 24/7 Incident Response Rapid containment and forensic investigation. Call +1 833 403 5875.
Written by: Mjolnir Security  |  Published: June 22, 2025
Related Reports
Tool

Cobalt Strike: Adversary's Arsenal

Read Report →
Tool

Metasploit Framework

Read Report →