Impacket Developer Guide. Part 2. Finding RPC on the system and some words about (in)security
How to find an RPC server on the system and how to secure that :)
Aug 19

Impacket Developer Guide. Part 1. RPC
Learn the basics of RPC, develop a client and server using C++
Aug 8

We’re going the wrong way! How to abuse symlinks and get LPE in Windows
How to achieve LPE in Windows via symlinks and how we wrote an exploit for Anydesk :)
Jun 25

ADCS. So u got certificate. Now i’ve got nine ways to abuse it
What to do with a certificate in a Windows AD environment? How to get the most out of a single pfx file? The answers are in the article
Mar 18

I’m watching you! How to spy Windows users via MS UIA
Dive into the world of development with COM, explore the Windows graphical tree, and create a real SpyWare with our new research
Jan 5

Hijack the TypeLib. New COM persistence technique
A new way of persistence on Windows systems via COM. Down with COM Hijacking, the future is TypeLib Hijacking! Read more here :)
Oct 22, 2024

Evil MSI. A long story about vulnerabilities in MSI Files
MSI Files are used ubiquitously in Windows. What vulnerabilities might they contain?
Aug 30, 2024

OSEP Unleashed. The advance of in-memory payload execution
Everything OSEP didn’t tell you. How to execute payloads in memory and bypass antivirus.
Jul 27, 2024

Process Injection is Dead. Long Live IHxHelpPaneServer
Process Injection without Process Injection. Exploring cross-session activation mechanisms to steal someone else’s session using COM
Jul 15, 2024

From HTTP to RCE. How to leave backdoor in IIS
I will show a way of persistence on a target system using a legitimate Microsoft product, Internet Information Services.
Jul 3, 2024