A New Program Execution Artifact – Windows 11 22H2 Update!
Article Link: A New Program Execution Artifact – Windows 11 22H2 Update! – YouTube
Let’s continue the presentation of examples of using event logs from Google Workspace. Today I’ll describe how to use event logs to check and notify users about outdated versions of the operating system. The idea is to inform users via email…
Nettitude recently conducted a penetration test for a customer who used Rocket TRUfusion Enterprise within their external infrastructure. Two high severity vulnerabilities were identified, including an authentication bypass issue and Serve…
One of the main benefits of writing your shellcode in assembly is that you have full control over the structure of the shellcode.
For example, the content and order of the functions in the source file can (obviously) be changed and the cod…
Article Link: The Dissect Effect – An Open Source IR Framework – YouTube
About 18 months ago, I was conducting a pentest of a document management platform. It was designed with the goal of providing a secure document storage and sharing solution for some high impact use cases. In order to allow document editing…
Article Link: Let’s Talk About MUICache – YouTube
Since its inaugural year I have been a participant in the FireEye / Mandiant Flare-On challenges produced by FLARE, the FireEye Labs Advanced Reverse Engineering. FLARE is one of the industry’s most accomplished teams of reverse engineers a…
Cybersquatting is the act of registering a domain name which looks similar to a target domain in order to perform malicious activity. This includes facilitating phishing campaigns, attacking genuine visitors who mistyped an address, or dam…
Today I will describe how to detect suspicious login activities to Google Workspace. I am using AdminReports.Activities.list API (https://developers.google.com/admin-sdk/reports/reference/rest/v1/activities/list) from my Apps Script script …