Our Blog

Guest vs Null session on Windows

Reading time: ~9 min
If you have been doing internal assessments on Active Directory infrastructure you may have heard the following words: “Null session”,...

From Discovery to Disclosure: ReCrystallize Server Vulnerabilities

Reading time: ~11 min
TL&DR – While on an assessment, I found an instance of ReCrystallize Server. It had many problems, some of which...

Mail in the Middle – A tool to automate spear phishing campaigns

Reading time: ~15 min
Context In the chilly month of December 2023, my colleagues Jason (@BreakerOfSigns), Szymon (@TH3_GOAT_FARM3R), and myself (@felmoltor) were on a...

Serial PitM

Reading time: ~20 min
Sometimes you need to get in the way of a hardware device and its controller, and see what it has...

Sensecon 23: from Windows drivers to an almost fully working EDR

Reading time: ~54 min
TL;DR I wanted to better understand EDR’s so I built a dummy EDR and talk about it here. EDR (Endpoint...