Security Research and Latest News

Getting Shells on Easy Mode

This forms part of a new series of blog posts looking at client-side attacks and evasion strategies used by hackers. Running Shell Code...

Weaponising C#

This forms part of a new series of blog posts looking at client-side attacks and evasion strategies used by hackers. Running Shell Code...

Weaponising JScript

This forms part of a new series of blog posts looking at client-side attacks and evasion strategies used by hackers. When looking at...

Weaponising Word With Powershell

This forms part of a new series of blog posts looking at client-side attacks and evasion strategies used by hackers. As discussed last...

Weaponising Word With VBA

This forms part of a new series of blog posts looking at client-side attacks and evasion strategies used by hackers. Office Products are...

HTML Smuggling

This forms part of a new series of blog posts looking at client-side attacks and evasion strategies used by hackers. Whilst in many cases...

ActiveX

CVE-2021-40444, is a client side remote code execution vulnerability in MSHTML, reported on 7 Sep 2021 and later updated 14 Sep 2021....

Zerologon (CVE-2020-1472): An Unauthenticated Privilege Escalation to Full Domain Privilege

CVE-2020-1472 is a privilege elevation vulnerability in the Netlogon Remote Protocol (MS-NRPC) for which a partial patch was released by...

Subscribe to Our Newsletter