by Rodrigo Marcos | Apr 1, 2019
As part of our Red Team operations, at SECFORCE we research about effective and stealthy ways of delivering and executing arbitrary code on victim workstations. One of the key areas of research is around identification of AV limitations in Macro-enabled Office...
by Rodrigo Marcos | Apr 13, 2017
MySQL server is affected by a remote DoS attack, which could be exploited by a remote unauthenticated attacker to cause a loss of availability on the targeted service. The issue has been verified to affect 5.6.X branch up to 5.6.35 and 5.7.X branch up to 5.7.17. It is...
by Rodrigo Marcos | Apr 6, 2017
In this post we are going to explain how we used iptables to bypass an Intrusion Prevention System during a recent penetration test. During the first phase of a penetration test on a /24 network, we started performing routinary network port scan to identify available...
by Rodrigo Marcos | Apr 16, 2014
We are liaising with UK Trade & Investment and the British Embassy in Brussels to deliver a seminar about “How Exposed are we to the Cyber Threat?” on Thursday 24 April We will be talking about penetration testing and delivering a demo about the...
by Rodrigo Marcos | Mar 17, 2014
SECFORCE will present Tunna framework and a number of techniques penetration testers can benefit from to bypass network firewalls. The presentation will include common scenarios in which HTTP tunnels can be use to bridge the gap between web application testing and...
