Our Blog

Resurrecting an old AMSI Bypass

Reading time: ~10 min
While working on DoubleAgent as part of the Introduction To Red Teaming course we’re developing for RingZer0, I had a...

Being Stubborn Pays Off pt. 2 – Tale of two 0days on PRTG Network Monitor

Reading time: ~12 min
Intro: Last year I wrote how to weaponize CVE-2018-19204. This blog post will continue and elaborate on the finding and...

Making the Perfect Red Team Dropbox (Part 1)

Reading time: ~11 min
As part of our preparations for our upcoming RingZer0 “Q Division” Training, I have been working on making a software...

Hack-From-Home Challenge Walk Through

Reading time: ~8 min
On the 27th of April 2020 SensePost created a CTF challenge (https://challenge.sensepost.com) for the public. The names of those who...

Masquerading Windows processes like a DoubleAgent.

Reading time: ~17 min
I’ve been spending some time building new content for our Introduction to Red Teaming course, which has been great for...

Attacking smart cards in active directory

Reading time: ~9 min
Introduction: Recently, I encountered a fully password-less environment. Every employee in this company had their own smart card that they...

Chaining multiple techniques and tools for domain takeover using RBCD

Reading time: ~26 min
Intro: In this blog post I want to show a simulation of a real-world Resource Based Constrained Delegation attack scenario...

Intro to Chrome’s V8 from an exploit development angle

Reading time: ~14 min
Intro: Last Christmas I was doing quite a bit of research around an exploit for Chrome’s JavaScript engine, V8. While...

[Dual-Pod-Shock] Emotional abuse of a DualShock

Reading time: ~35 min
Hacking PlayStation DualShock controllers to stream audio to their internal speakers. Ciao a tutti. Introduction: I didn’t really know what...