Dameware Mini Remote Control (MRC) is a remote administration utility allowing remote access to end user devices for a variety of purposes. You can often find it among the plethora of toolkits used [...]
Scrounger is a modular tool designed to perform the routine tasks required during a mobile application security assessment. Scrounger conveniently brings together both major mobile operating systems - Android and iOS - into [...]
Invoke-Pbind is a mini post exploitation framework written in PowerShell, which builds C2 communications over SMB named pipes using a push rather than a pull mechanism. Pbind was initially created to overcome lateral [...]
Commonly, malware will fingerprint the host it executes on, in an attempt to discover more about its environment and act accordingly. Part of this process is quite often dedicated to analyzing specific data [...]
A SQL injection vulnerability has been discovered in SolarWinds’ Network Performance Monitor (NPM). This vulnerability has been designated CVE-2018-13442. SolarWinds NPM is one of the most widely used network monitoring tools available in [...]
Avecto Defendpoint is an endpoint protection product which, according to the Avecto website, will: “Prevent breaches without hindering productivity. Avecto combines best-in-class privilege management and application control, making admin rights removal simple and [...]
We are delighted to announce the release of our PoshC2 Python Server, allowing cross-platform support. Over the past six months we have been working on a Python server for PoshC2, which allows it [...]
Recently, Component Object Model (COM) has come back in a big way, particularly with regards to it being used for persistence and lateral movement. In this blog we will run through how it [...]
We have recently disclosed a list of vulnerabilities to Sophos that allow local attackers to elevate their privileges and execute code in the security context of the SYSTEM user account. Affected Products SafeGuard [...]
Affected Software: IPConfigure Orchid Core VMS (All versions < 2.0.6, tested on Linux and Windows) Vulnerability: Unauthenticated Privileged Directory Traversal CVE: CVE-2018-10956 Impact: Arbitrary File Read Access Metasploit module: https://github.com/nettitude/metasploit-modules/blob/master/orchid_core_vms_directory_traversal.rb Summary of Vulnerability IPConfigure Orchid Core VMS [...]