Exploits, Red Team, Reversing
October 9, 2019

CVE-2019-10617 – AtherosSvc Registry LPE

Discovery: In DbgView one day, I noticed repeated noisy output from a particular process. The…
July 30, 2019

Black Hat and BSidesLV 2019

With Black Hat quickly approaching, we wanted to announce our plans for the week, and…
Code, Red Team
June 4, 2019

Re-Animating ActivitySurrogateSelector

In 2017, James Forshaw released a DotNet deserialization gadget which abuses the ActivitySurrogateSelector class from…
November 30, 2018

Security Breach: Top Cracked Passwords of 2018

An estimated 700 data breaches were made public, with 1,365,130,252 records exposed in the United…
Machine Learning, Red Team
November 14, 2018

Machine Learning for Red Teams, Part 1

TLDR: It's possible to detect a sandbox using a process list with machine learning. Introduction…
Penetration Testing
June 26, 2018

ESPKey + Long Range RFID Reader = A New Tastic Thief

There have been plenty of blog posts, and security conference talks about building long-range RFID…
March 12, 2018

Windows Events, Sysmon and Elk…oh my! (Part 2)

Overview: In the previous post we walked through how to set up an ELK instance…