Our Blog

Sending AM-OOK using Metasploit and rftransceiver

Reading time: ~6 min
Introduction: Towards the end of last year, I found myself playing around with some basic amplitude modulation (AM)/On-off keying (OOK)...

Painless intro to the Linux userland heap

Reading time: ~24 min
-1 – Pre-Intro: When looking at heap exploit tutorials, most of the time I found myself lacking knowledge on the...

Outlook Forms and Shells

Reading time: ~15 min
Using MS Exchange and Outlook to get a foothold in an organisation, or to maintain persistence, has been a go...

The TRITON Won’t Protect You From Our Punches

Reading time: ~10 min
Whilst on a Red Team assessment back in 2015, we were faced with a tough Data Leak Protection (DLP) and...

Liniaal – Empire through Exchange

Reading time: ~7 min
Getting access to an internal network is always great; keeping this access can be a whole other challenge. At times we...

USaBUSe Linux updates

Reading time: ~6 min
(If you’re new to this project, read the intro first) For the past few months, I’ve been working on porting...

Pass the Hash with Ruler

Reading time: ~5 min
Ruler at Troopers17: We are taking Ruler and the abuse of Exchange on a road trip to Germany in March....

Exploiting MS16-098 RGNOBJ Integer Overflow on Windows 8.1 x64 bit by abusing GDI objects

Reading time: ~39 min
Starting from the beginning with no experience whatsoever in kernel land, let alone exploiting it, I was always intrigued and...