Using CSS and social engineering to identify juicy targets when performing watering hole attacks| Mixing watering hole attacks with history leak via CSS |
Finding a way to reuse R/W/X memory with VBA and how to avoid crashes| VBA: overwriting R/W/X memory in a reliable way |
Yet another security platform being pwned by trivial vulnerabilities (CVE-2024-22107 & CVE-2024-22108)| A christmas tale: pwning GTB Central Console (CVE-2024-22107 & CVE-2024-22108) |
Article describing an alternative method to trigger shellcode execution| VBA: having fun with macros, overwritten pointers & R/W/X memory |
Umpteenth time that you will see a lateral movement based on DCOM. This time it's Visual Studio.| Developers are juicy targets: DCOM & Visual Studio |
Combination of small snippets of code to simulate getprocaddress avoiding dangerous functions| VBA: resolving exports in runtime without NtQueryInformationProcess or GetPro...
Article describing how to decode/decrypt source code protected with Nu-Coder| Beating an old PHP source code protector |
Load shared object (PHP extension) from memory| Spice up your persistence: loading PHP extensions from memory |
Detecting NoVNC for phishing campaigns| Thoughts on the use of noVNC for phishing campaigns |
Write up about our challenge based on a highly restricted PHP environment| In the land of PHP you will always be (use-after-)free |