unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
Introducing Early Cascade Injection: from Windows process creation to stealthy injection
By Guido Miggelenbrink at OutflankIntroductionIn this blog post we introduce a novel proce...
2024-10-15 20:3:43 | 阅读: 12 |
收藏
|
Outflank Blog - www.outflank.nl
injection
apc
edrs
pfnse
dllloaded
Will the real #GrimResource please stand up? – Abusing the MSC file format
In this blog post we describe how the MSC file format can be leveraged to execute arbitrary code v...
2024-8-13 21:34:59 | 阅读: 14 |
收藏
|
Outflank Blog - www.outflank.nl
snap
msc
mmc
security
pane
Introducing Outflank C2 with Implant Support for Windows, macOS, and Linux
We are rebranding our commercial...
2024-8-8 04:59:48 | 阅读: 24 |
收藏
|
Outflank Blog - www.outflank.nl
c2
outflank
implants
stage1
windows
EDR Internals for macOS and Linux
Many public blogs and conference talks have covered Windows telemetry sources like kernel callback...
2024-6-3 23:56:18 | 阅读: 14 |
收藏
|
Outflank Blog - www.outflank.nl
agents
security
ebpf
network
outflank
OST Release Blog: EDR Tradecraft, Presets, PowerShell Tradecraft, and More
Malicious actors continuously deploy new or improved techniques. Red teams must maintain an equall...
2024-4-30 00:15:32 | 阅读: 8 |
收藏
|
Outflank Blog - www.outflank.nl
ost
presets
edrs
bypass
payload
Unmanaged .NET Patching
To execute .NET post-exploitation tools safely, operators may want to modify certain managed funct...
2024-2-1 22:0:15 | 阅读: 8 |
收藏
|
Outflank Blog - www.outflank.nl
unmanaged
mscorlib
exitptr
Free Training: Microsoft Office Offensive Tradecraft for Red Teamers
Copyright © Fortra, LLC and its group of companies. Fortra™, the Fortra™ logos, and other identi...
2023-12-19 18:0:51 | 阅读: 12 |
收藏
|
Outflank Blog - www.outflank.nl
fortra
llc
logos
marks
proprietary
Mapping Virtual to Physical Adresses Using Superfetch
With the Bring Your Own Vulnerable Driver (BYOVD) technique popping up in Red Teaming arsenals, we...
2023-12-14 23:12:46 | 阅读: 9 |
收藏
|
Outflank Blog - www.outflank.nl
memory
superfetch
windows
processes
Reflecting on a Year with Fortra and Next Steps for Outflank
When we debuted OST back in 2021, we wrote a blog detailing both the product features and the rati...
2023-11-6 23:15:42 | 阅读: 4 |
收藏
|
Outflank Blog - www.outflank.nl
ost
outflank
cobalt
fortra
development
Listing remote named pipes
On Windows, named pipes are a for...
2023-10-19 23:33:32 | 阅读: 5 |
收藏
|
Outflank Blog - www.outflank.nl
remote
windows
smbclient
c2
Solving The “Unhooking” Problem
For avoiding EDR userland hooks, there are many ways to cook an egg:Direct system calls (sysca...
2023-10-5 15:38:13 | 阅读: 4 |
收藏
|
Outflank Blog - www.outflank.nl
stage1
library
loadlibrary
c2
python
Cobalt Strike and Outflank Security Tooling: Friends in Evasive Places
This is a joint blog written by the Cobalt Strike and Outflank teams. It is also available on the...
2023-7-19 23:19:10 | 阅读: 8 |
收藏
|
Outflank Blog - www.outflank.nl
cobalt
ost
outflank
beacon
tradecraft
So you think you can block Macros?
For the purpose of securing Microsoft Office installs we see many of our customers moving to a mac...
2023-4-25 18:30:30 | 阅读: 7 |
收藏
|
Outflank Blog - www.outflank.nl
macros
microsoft
security
xlam
publisher
Attacking Visual Studio for Initial Access
In this blog post we will demonstrate how compiling, reverse engineering or even just viewing sour...
2023-3-28 18:6:19 | 阅读: 3 |
收藏
|
Outflank Blog - www.outflank.nl
library
microsoft
moniker
loadtypelib
security
A phishing document signed by Microsoft – part 2
This is the second part of our blog series in which we walk you through the steps of finding and w...
2022-1-7 18:13:16 | 阅读: 5 |
收藏
|
Outflank Blog - www.outflank.nl
xll
xlam
excel4
analysis
microsoft
A phishing document signed by Microsoft – part 1
This blog post is part of series of two posts that describe weaknesses in Microsoft Excel that cou...
2021-12-9 20:27:34 | 阅读: 6 |
收藏
|
Outflank Blog - www.outflank.nl
xll
microsoft
xlam
attacker
Our reasoning for Outflank Security Tooling
TLDR: We open up our internal toolkit commercially to other red teams. This post explains why....
2021-4-2 20:26:14 | 阅读: 4 |
收藏
|
Outflank Blog - www.outflank.nl
ost
toolset
outflank
heavy
teaming
Previous
-7
-6
-5
-4
-3
-2
-1
0
Next