Hijack the TypeLib. New COM persistence techniqueA new way of persistence on Windows systems via COM. Down with COM Hijacking, the future is TypeLib Hijacking! Read more here :)Oct 22Oct 22
Evil MSI. A long story about vulnerabilities in MSI FilesMSI Files are used ubiquitously in Windows. What vulnerabilities might they contain?Aug 301Aug 301
OSEP Unleashed. The advance of in-memory payload executionEverything OSEP didn’t tell you. How to execute payloads in memory and bypass antivirus.Jul 27Jul 27
Process Injection is Dead. Long Live IHxHelpPaneServerProcess Injection without Process Injection. Exploring cross-session activation mechanisms to steal someone else’s session using COMJul 15Jul 15
From HTTP to RCE. How to leave backdoor in IISI will show the way of persistence on a target system using legitimate Microsoft product being Internet Information Services.Jul 3Jul 3