OUR LATEST RESEARCH
Analysing the NULL SecurityDescriptor kernel exploitation mitigation in the latest Windows 10 v1607 Build 14393
We recently discovered a new and quietly released Windows kernel exploitation defence. Exploiting a kernel bug by setting the pointer to the SecurityDescriptor to NULL in the header of a process object running as SYSTEM [...]
From macro to malware – a step by step analysis
We recently received an email which contained a malicious Word macro. Usually, the only thing that changes between malicious Office macros is the obfuscation that is used; e.g. changing variable names and splitting text strings. This one was [...]
DerbyCon 2016 CTF Write Up
We’ve just got back to work after spending a fantastic few days in Kentucky for DerbyCon 2016. As with previous years, there was an awesome CTF event, so we thought it’d be rude not to [...]
ZeroPress – A WordPress Vulnerability Hunter
Finding WordPress plugin vulnerabilities is like shooting fish in a barrel. Like taking candy from a baby. Like… you get the idea. Quick wins are good wins and there’s nothing like easy remote code execution [...]
Rocktastic: a word list on steroids
Bigger isn’t always better, but sometimes it is. If you need a huge word list before you hit those mask attacks, we’ve got you covered. We call it Rocktastic. When you absolutely, positively, got to [...]