OUR LATEST RESEARCH
VM Detection Tricks, Part 1: Physical memory resource maps
In this series we’ll document a novel and as-yet-undocumented Virtual Machine detection trick for each month of 2021. These detection tricks will be focused on 64-bit Windows 10 or Windows Server 2019 guests, targeting a [...]
PoshC2 Improved HTML Reports
Red team operators need detailed and accurate C2 report output in order to conduct high-quality work. Consequently, reporting has always been a key element of PoshC2. With this update, PoshC2's reporting engine has been [...]
CVE-2020-14418: madCodeHook Library Local Privilege Escalation
Nettitude discovered a vulnerability in the 'madCodeHook' third-party library which caused a number of security products, including Cisco AMP and Morphisec Unified Threat Prevention Platform, to contain a local privilege escalation vulnerability. Since the [...]
CVE-2020-27708: Electronic Arts (EA) Origin – Local Privilege Escalation
We recently assessed the security posture of Electronic Arts Origin Client and discovered a privilege escalation issue that would allow a low-privilege attacker to elevate privileges to NT AUTHORITY\SYSTEM. This has been recorded as [...]
Introducing PoshC2 v7.0
There have been some big improvements and new features added to PoshC2 and we're excited to announce the release of PoshC2 v7.0. More and more people have started contributing to the project and every one [...]