Our Blog

Dress Code – The Talk

Reading time: ~33 min

Posted by Felipe Molina on 23 August 2023

Categories: Bypass, Csp, Talks, Webapps

TL;DR This post is a summary of the contents of my talk in Defcon 31 AppSec Village last August 2023,...

Reading time: ~8 min

Posted by Shaun Kammerling on 28 January 2021

Categories: Bypass, Duo

It’s too easy when hacking, to assume something is invulnerable and not interrogate it. This was the case for me...

Reading time: ~11 min

Posted by Philippe Vogler on 24 June 2020

Categories: Amsi, Bypass, Powershell

While working on DoubleAgent as part of the Introduction To Red Teaming course we’re developing for RingZer0, I had a...

Reading time: ~12 min

Posted by Leon Jacobs on 24 October 2018

Categories: Bypass, Command execution, Dns, Experiment, Ioc, Malware, Research, Tools, Tunnelling

or DNS exfiltration over DNS over HTTPS (DoH) with godoh “Exfiltration Over Alternate Protocol” techniques such as using the Domain...

Reading time: ~3 min

Posted by Rogan Dawes on 06 October 2017

Categories: Build-it, Burp, Bypass, Certificates, Crypto, Mitm, Tools, Tricks

Sometimes on an engagement, you’d like to construct a believable certificate chain, that you have the matching private keys for....

Reading time: ~10 min

Posted by saif on 06 April 2017

Categories: Analysis, Bypass, Research

Whilst on a Red Team assessment back in 2015, we were faced with a tough Data Leak Protection (DLP) and...

Please select your enquiry type, and we'll get back to you as soon as possible

Park Lane West, 197 Amarand Ave, Waterkloof Glen, Pretoria, South Africa

SensePost, 250 Waterloo Road, SE1 8RD, London, United Kingdom

183 Albion Springs Corner Main Road &, Albion Springs Cl,, Rondebosch, Cape Town, South Africa