{"id":4432,"date":"2026-07-08T08:46:13","date_gmt":"2026-07-08T12:46:13","guid":{"rendered":"https:\/\/increasec.com\/?p=4432"},"modified":"2026-07-08T08:46:13","modified_gmt":"2026-07-08T12:46:13","slug":"clipboard-tracing","status":"publish","type":"post","link":"https:\/\/increasec.com\/?p=4432","title":{"rendered":"Clipboard tracing"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">A lot of Social Engineering convinces the user to copy a dangerous command to Cmd or PowerShell<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">HO ClipTrace is the proof of concept\/base, it keeps track of where a clipboard item came from<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">I would like to expand on this to make rules such as<br>can&#8217;t copy from a browser\/email to Cmd or PowerShell<br>maybe have soft rules that allow the above with an Administrator password or a manager&#8217;s approval<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-reddit wp-block-embed-reddit\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"reddit-embed-bq\" style=\"height:500px\" ><a href=\"https:\/\/www.reddit.com\/r\/buildinpublic\/comments\/1tptkgt\/i_built_a_windows_clipboard_app_that_remembers\/\">I built a Windows clipboard app that remembers where copied items came from<\/a><br> by<a href=\"https:\/\/www.reddit.com\/user\/HO_awesome\/\">u\/HO_awesome<\/a> in<a href=\"https:\/\/www.reddit.com\/r\/buildinpublic\/\">buildinpublic<\/a><\/blockquote><script async src=\"https:\/\/embed.reddit.com\/widgets.js\" charset=\"UTF-8\"><\/script>\n<\/div><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>A lot of Social Engineering convinces the user to copy a dangerous command to Cmd or PowerShell HO ClipTrace is the proof of concept\/base, it keeps track of where a&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[4,21],"class_list":["post-4432","post","type-post","status-publish","format-standard","hentry","category-uncategorised","tag-security","tag-windows"],"_links":{"self":[{"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/posts\/4432","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/increasec.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4432"}],"version-history":[{"count":1,"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/posts\/4432\/revisions"}],"predecessor-version":[{"id":4433,"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/posts\/4432\/revisions\/4433"}],"wp:attachment":[{"href":"https:\/\/increasec.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4432"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/increasec.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4432"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/increasec.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4432"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}