Create a caption for the OLE object

Fun with Windows binaries - application whitelist bypass using msiexec

We were inspired by the work @subTee has done with application…

PoshC2 - new features

There have been a few cool updates to PoshC2, our public Command…
Four stages of the exploit kit infection chain [1]

An analysis of the RIG exploit kit

Over the last few weeks, we have observed an increase of RIG…
Windows Explorer default permissions

Analysing the NULL SecurityDescriptor kernel exploitation mitigation in the latest Windows 10 v1607 Build 14393

We recently discovered a new and quietly released Windows kernel…

From macro to malware - a step by step analysis

We recently received an email which contained a malicious Word…

DerbyCon 2016 CTF Write Up

We've just got back to sunny England after spending a fantastic…

ZeroPress - A WordPress Vulnerability Hunter

Finding WordPress plugin vulnerabilities is like shooting fish…

Rocktastic: a word list on steroids

Bigger isn’t always better, but sometimes it is.  If you need…
NTLM hashes

Introducing 'XSS Payloads' repository: Cross Site Scripting doesn't have to be boring

Sometimes, particularly when dealing with a system perimeter, there's…