One shell to HANDLE them all
New approach to escalate privileges by abusing open token handles after compromising a web app
AD CS: from ManageCA to RCE
Disclosure of two novel techniques to compromise a CA server by abusing the ManageCA permissions (AD CS)
AD CS: weaponizing the ESC7 attack
Research and tooling development around the ESC7 attack (AD CS)
Leveraging Microsoft Teams to persist and cover up Cobalt Strike traffic
Combining DLL hijacking with Cobalt Strike Malleable C2 profiles to persist and stay stealthy
From N-day exploit to Kerberos EoP in Linux environments
Turning an arbitrary file read vulnerability (CVE-2018-1685) into a full Linux host compromise, via Kerberos
Hindering Threat Hunting, a tale of evasion in a restricted environment
Use of Google Apps Script as a proxy for communication with the C&C
Attackers Abuse MobileIron’s RCE to deliver Kaiten
In September this year the security researcher Orange Tsai published various...
Analyzing an RFID scanner: bad habits never die
Analysis and compromise of an RFID scanner used to pivot to the corporate network
Ragnarok Stopper: development of a vaccine
Details of the development of a vaccine against Ragnarok malware
A deep dive into disable_functions bypasses and PHP exploitation
Article about how disable_functions works in PHP and how to find bypasses
Lateral movement via MSSQL: a tale of CLR and socket reuse
Technical details about how to pivot through a Microsoft SQL Server
We are using cookies to give you the best experience on our website. You can find out more about which cookies we are using or switch them off inCookies Settings
Necesary
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
3rd Party Cookies
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages. \n Keeping this cookie enabled helps us to improve our website.