BSides Edinburgh 2017 Crypto Contest Write Up

Recently, at the inaugural BSides Edinburgh, Ben Turner and…

A quick analysis of the latest Shadow Brokers dump

Just in time for Easter, the Shadow Brokers released the latest…

Carbon Black - Security Advisories: CVE-2016-9570, CVE-2016-9568 and CVE-2016-9569

Nettitude have discovered three vulnerabilities in Carbon Black;…

Effectively analysing sysmon logs

We previously covered setting up and using sysmon (System Monitor),…

Putting attackers in hi vis jackets with sysmon

Background: Sysmon (short for system monitor) has been part of…

More XSS Shenanigans

In September, we released our XSS Payloads collection of scripts…

Who owns your runtime?

Can mobile applications trust their own runtime environment?…

Fun with Windows binaries - application whitelist bypass using msiexec

We were inspired by the work @subTee has done with application…

PoshC2 - new features

There have been a few cool updates to PoshC2, our public Command…