The Lab

Smash the stack - Spray the heap - Pwn that shell!    ⬣ ⬣

Nov. 10, 2021

DLL Hollowing

A deep dive into a stealthier memory allocation variant, analyzing advantages, pitfalls and artifacts

See more
Oct. 26, 2021

Exploiting Grandstream HT801 ATA (CVE-2021-37748, CVE-2021-37915)

This article describes two authenticated remote code execution vulnerabilities that we found during a time-bounded security assessment of Grandstream's HT801 Analog Telephone Adapter.

See more
July 12, 2021

Azure Persistence and Detection

Cloud computing is one of the most impactful IT technological advancements in recent years due to perhaps its faster growth rate compared to other technologies in the ICT domain.

See more
June 25, 2021

Whisper2Shout – Unhooking technique

This blog post is the first part of a series focused on malware detection evasion techniques on Windows. In particular, we look at userland API hooking techniques employed by various security products and ways to identify and bypass them.

See more
Feb. 3, 2021

Bypassing WAFs (Web Application Filters)

Web application vulnerabilities have introduced the need to implement additional protection mechanisms that will guard against common attacks and exploitation vectors.

See more
Jan. 11, 2021

The devil is in the details

This is a post about how going the extra mile in creating a phishing campaign is very likely to pay dividends.

See more
Dec. 17, 2020

Progress MOVEit Transfer < 2020.1 Stored XSS (CVE-2020-28647)

During a recent web application test engagement one of the applications in scope was a MOVEit Transfer 2020 web application. While performing the assessment a Stored Cross-Site Scripting (XSS) vulnerability was identified.

See more