A vulnerability in Bitdefender Antivirus allowed any website to run arbitrary code with user's privileges. This was caused by issues very similar to ones found in other antivirus products before.

Analysis of a Cobalt Strike Server leveraged in “PowerTrick” breaches, by Joshua Platt and Jason Reaves

During the Trimarc Webcast on June 17, 2020, Sean Metcalf covered a number of Active Directory (AD) components and areas that should be reviewed for potential security issues. The presentation included PowerShell code in the presentation and that code is…

Introducing: Max

BloodHound Notebook Project Open Source Love Open_Threat_Research Community A community-driven effort to document and share cypher queries via Jupyter Noteboo

Automated Attack Simulation in the Cloud, complete with detection use cases. - GitHub - WithSecureLabs/leonidas: Automated Attack Simulation in the Cloud, complete with detection use cases.

A dive into Windows DLLs, DLL hijacking, automation, WinAPI, and finding the root cause of shared DLL hijacks.

In June 2020, I found a stored XSS bug that could allow an attacker to steal user email conversations, contacts in mail.ru and myMail iOS…

A newly discovered LOLBin offers an alternative to certutil for helping adversaries download files from a remote server. Meet desktopimgdownldr.exe.

Today, we will be looking at the “Connected User Experiences and Telemetry service,” also known as “diagtrack.” This article is quite heavy on NTFS-related terminology, so you’ll need to have a good understanding of it.

The Official DEF CON Team Village continues to have an amazing lineup of speakers and presentations! The talks range from introductory topics of Red Teaming and Ethical Hacking to very advanced techniques and tactics. Speakers go over how they try to mimic…

A repository where I share my injection implemintations - DanusMinimus/Injections

Palantir’s recommendations for defending your network

Contribute to dalvarezperez/CreateFile_based_rootkit development by creating an account on GitHub.

Make every part of your business more resilient.