One shell to HANDLE them all
New approach to escalate privileges by abusing open token handles after compromising a web app
Articles
All categories
Articles
AD CS: from ManageCA to RCE
Disclosure of two novel techniques to compromise a CA server by abusing the ManageCA permissions (AD CS)
AD CS: weaponizing the ESC7 attack
Research and tooling development around the ESC7 attack (AD CS)
Leveraging Microsoft Teams to persist and cover up Cobalt Strike traffic
Combining DLL hijacking with Cobalt Strike Malleable C2 profiles to persist and stay stealthy
From N-day exploit to Kerberos EoP in Linux environments
Turning an arbitrary file read vulnerability (CVE-2018-1685) into a full Linux host compromise, via Kerberos
Hindering Threat Hunting, a tale of evasion in a restricted environment
Use of Google Apps Script as a proxy for communication with the C&C
Attackers Abuse MobileIron’s RCE to deliver Kaiten
In September this year the security researcher Orange Tsai published various...
Analyzing an RFID scanner: bad habits never die
Analysis and compromise of an RFID scanner used to pivot to the corporate network
Ragnarok Stopper: development of a vaccine
Details of the development of a vaccine against Ragnarok malware
A deep dive into disable_functions bypasses and PHP exploitation
Article about how disable_functions works in PHP and how to find bypasses
Lateral movement via MSSQL: a tale of CLR and socket reuse
Technical details about how to pivot through a Microsoft SQL Server