Category

Red Team

Exploits, Red Team, Reversing
October 9, 2019

CVE-2019-10617 – AtherosSvc Registry LPE

Discovery In DbgView one day, I noticed repeated noisy output from a particular process. The…
Code, Red Team
June 4, 2019

Re-Animating ActivitySurrogateSelector

In 2017, James Forshaw released a DotNet deserialization gadget which abuses the ActivitySurrogateSelector class from…
Machine Learning, Red Team
November 14, 2018

Machine Learning for Red Teams, Part 1

TLDR: It's possible to detect a sandbox using a process list with machine learning. Introduction…