/var/log/messages

Article

HP NonStop Basics

By Graeme Robinson and Phil Keeble on 2 November 2018

Since 1976, HP NonStop (originally introduced by Tandem Computers Inc. before being owned by Compaq and finally HP) has been a widely used integrated hardware/software stack to support critical services such as Automated Teller Machines (ATMs),...


Article

Undisable Restricted Admin

By David Yates on 31 October 2018

Originally introduced for Windows 8.1 and Server 2012 R2, Restricted Admin mode is a Windows feature that prevents storing an RDP user’s credentials in memory on the machine to which an RDP connection is made.


Article

Debugging Released Xamarin Android Applications

By Emanuele Cesari and Ross Donald on 21 September 2018

As mobile applications become more and more essential for even small businesses, increasing the efficiency of development is key. Cross-platform Mobile Development Frameworks such as Xamarin allow a single codebase to be shared among iOS, Android...


Article

DNS Rebinding Headless Browsers

By Alexandre Kaskasoli on 23 August 2018

This article describes the use of HTTP Referer headers to execute DNS rebinding attacks on AWS-hosted analytics systems, leading to a compromise of the cloud environment.


Article

A Guide to Repacking iOS Applications

By Amar Menezes on 23 July 2018

With jailbreaking iOS getting harder with every new version released, repacking and re-signing iOS applications to be sideloaded on non-jailbroken iOS devices has been a subject that has generated significant interest from security researchers in recent years.


Article

Bypassing Memory Scanners with Cobalt Strike and Gargoyle

By William Burgess on 18 July 2018

This blog post will present research into attempting to bypass memory scanners using Cobalt Strike’s beacon payload and the gargoyle memory scanning evasion technique.


Article

EC2 Policies: security, freedom, and both

By Craig Koorn on 17 July 2018

Amazon's EC2 service is one of many solutions that have enabled us, like many organisations, to readily deploy scalable and on-demand computing infrastructure.


Article

Passing-the-Hash to NTLM Authenticated Web Applications

By Christopher Panayi on 11 July 2018

A blog post detailing the practical steps involved in executing a Pass-the-Hash (PtH) attack in Windows/Active Directory environments against web applications that use domain-backed NTLM authentication.


Article

EQL Injection (not a typo) and Oracle Endeca

By William Jardine on 13 June 2018

Oracle Endeca is used by a number of online retailers for implementing search functionality. This post introduces the concept of EQL injection attacks and how to defend against them.


Article

Some Brief Notes on WebKit Heap Hardening

By Sam Brown on 13 April 2018

Apple recently pushed some substantial heap hardening changes to the allocator used within WebKit and JavaScriptCore (JSC), luckily just after pwn2own, but in order to target Safari again next year these new hardening changes will need...


Article

Enumerating remote access policies through GPO

By William Knowles and Jon Cave on 30 January 2018

When attempting to remain covert as part of a simulated attack, it is typically useful to enumerate policies that will influence the outcome of an action before attempting it. In part to avoid wasting time on...


Article

Finding the Low-Hanging Route

By Georgi Geshev on 20 December 2017

The Application Policy Infrastructure Controller Enterprise Module (APIC-EM) is Cisco's SDN controller for enterprise networks, which according to Cisco can solve a myriad of problems by leveraging many bleeding edge technologies.
