Browse our blogs
We cover it all in The Security Blog. Discover what you’ve been looking for.
Hack-cessibility: When DLL Hijacks Meet Windows Helpers
Discord Livestream In preparation for a talk, Jason Lang (@curi0usJack) and I were doing at MCTTP about mining TTPs from VX-underground, we both ended up doing…
CVE-2025-1729 - Privilege Escalation Using TPQMAssistant.exe
While digging into the internals of my new Lenovo ThinkPad P1 Gen7, I came across an unexpected discovery that quickly escalated from curiosity to a viable…
Abusing Chrome Remote Desktop on Red Team Operations: A Practical Guide
In this post, we’ll be exploring a practical technique for abusing Chrome Remote Desktop (also known as Google Remote Desktop) within a Red Team operation. I…
Red Team Gold: Extracting Credentials from MDT Shares
When it comes to targeting enterprise deployment infrastructure during a Red Team engagement, SCCM (System Center Configuration Manager) tends to get all the…
Command Line Underdog: WMIC in Action
My typical engagements are mostly Red Teams, so I do not often get a chance to play with terminal server application breakouts—but on a recent engagement, I…
Oops I UDL'd it Again
IntroductionPhishing. We all love phishing. This post is about a new phishing technique based on some legacy knowledge I had that can be used to get past email…
Specula - Turning Outlook Into a C2 With One Registry Change
There exist a few singular Registry changes that any non-privileged user can make that transform the Outlook email client into a beaconing C2 agent. Given that…
From Error to Entry: Cracking the Code of Password-Spraying Tools
Discover how to effectively onboard MFA for Office 365 users with MSOLSpray, and unlock remote access with our expert guide.
Creative Process Enumeration
Differentiate process architecture using virtual memory size in 64-bit and 32-bit processes.
Critical Outlook Vulnerability: In-Depth Technical Analysis and Recommendations (CVE-2023-23397)
Protect your organization from the Microsoft Outlook CVE-2023-23397 vulnerability with expert guidance and a simple remediation script.
Diving into Pre-Created Computer Accounts
Discover how to find a valid, unused computer account password using a vulnerable certificate template and a pre-created computer account, leveraging…
CVE-2022-24696 - Glance by Mirametrix Privilege Escalation
Lenovo ThinkPad X1 Extreme Gen 1 users, beware: a vulnerability in Glance software can be exploited to gain SYSTEM privileges, allowing malicious actions to…
Loading...