Select Page

Death by keystrokes

As part of our Red Team operations, at SECFORCE we research about effective and stealthy ways of delivering and executing arbitrary code on victim workstations. One of the key areas of research is around identification of AV limitations in Macro-enabled Office...

CVE-2017-0199 exploitation with Cobalt Strike tutorial

Background CVE-2017-0199 leverages the way an OLE object is embedded into a Word/RTF document making it possible to execute its content without user interaction. OLE is supported by many different programs, and OLE is generally used to make content that is created in...

SPARTA 1.0 BETA released

SPARTA is a python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. It allows the tester to save time by having point-and-click access to his/her toolkit and by...

Tunna v1.1a SOCKS!

Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. Due to popular demand, in this new version, Tunna (v1.1a) can be set up to be a local SOCKS proxy, that will accept any TCP traffic and send over to the webserver using HTTP requests....

Reverse Engineer Router Firmware – Part 2

This part of the tutorial will focus on how to inspect all the different executables that you may find within the firmware using emulation software QEMU and then how to modify the firmware to get a root shell on the router. If you have not already done the first...

Meet us in Brussels!

We are liaising with UK Trade & Investment and the British Embassy in Brussels to deliver a seminar about “How Exposed are we to the Cyber Threat?” on Thursday 24 April We will be talking about penetration testing and delivering a demo about the...