Getting RCE with a Razor! Our walk-through of CVE-2021-22941 affecting Citrix ShareFile Storage Zones Controller by Markus Wulftange is now live codewhitesec.blogspot.com/2021/09/citrix…

Cool news! My photos from Inspiration4 are now available to order as prints on my website, with 100% of profits from these sales going to St. Jude. I'll make monthly donations after each payout + share updates here. ❤️🚀 johnkrausphotos.com/Galleries/Laun…

PIC your Katz! Say hello to HandleKatz, our position independent Lsass dumper abusing cloned handles, direct system calls and a modified version of minidumpwritedump() brought to you by thefLink #BruCON0x0D github.com/codewhitesec/H…

.NET Remoting Revisited – playing around with .NET Remoting led Markus Wulftange to new insights, some enhancements for James Forshaw's #ExploitRemotingService, a new universal #YSoSerialNet ObjRef gadget and its counterpart #RogueRemotingServer (1/2) codewhitesec.blogspot.com/2022/01/dotnet…

BREAKING Microsoft allegedly breached. Catalin Cimpanu vx-underground #cybersecurity #infosec Microsoft

Our powerintern Fabian strikes again, teamed up with thefLink and developed SysmonEnte: a hard to detect attack on Sysmon. Check out our new blogpost: codewhitesec.blogspot.com/2022/09/attack…

More awesomeness from the team I work with.

Mein Ex-Kollege und Java Mentor Kai Ullrich bietet ein offensives Java Training für Pentester im Dezember an. qskills.de/qs/workshops/s… Falls ihr schon immer mal ysoserial tiefer verstehen wolltet, log4j verstehen und für RCE exploiten und vieles mehr ist das euer Training ;)

CVE-2023-27532 in Veeam Backup & Replication is serious, expect exploitation attempts soon. Our teammate Markus Wulftange was able to develop an exploit just by using the exposed API.

@ChrisG_NSF NSF - NASASpaceflight.com Congrats Chris!

[Blogpost] EvtPsst a small EventLog Process Mute tool without OpenProcess call to the EventLog process. This blog shows how to elevate a SYNCHRONIZE handle to a full process handle with a process token of EventLog. nothingspecialforu.github.io/EvtPsstBlog/ #redteam

We are nominated again for PortSwigger's "Top 10 Web Hacking Techniques" and we're even in with two entries for 2023: ➡️ Java Exploitation Restrictions in Modern JDK Times ➡️ JMX Exploitation Revisited ✍️ Vote now: portswigger.net/polls/top-10-w…

Struggeling to get those precious certificates with #certipy and AD CS instances that do not support web enrollment and do not expose CertSvc via RPC? Tobias Neitzel has you covered and added functionality to use DCOM instead of good old RPC #redteaming github.com/ly4k/Certipy/p…

Utterly mind blowing !

Yes, we're beating a dead horse. But that horse still runs in corporate networks - and quietly gives attackers the keys to the kingdom. We're publishing what’s long been exploitable. Time to talk about it. #DSM #Ivanti code-white.com/blog/ivanti-de…

Lost count on how often we achieved full domain compromise through DSM, but double digit for sure. This product ist extremely hard to configure and leaves a large attack surface even if configured correctly. If in use, make sure to read the blog and follow the recommendations! ☝️

Bro this might be the greatest thing I have ever seen in my life

Uh? #Murica