Posted by: Lion

There is a privilege escalation vulnerability in the Windows Certificate Dialog that allows an attacker to easily elevate privileges to NT AUTHORITY\SYSTEM; it is documented as CVE-2019-1388. This is a good video demonstrating the issue: in this case they use

App.Any.Run Heavy Anti-Evasion easy bypass

The goal of the research was to create a small dropper that creates no detection within the famous App.Any.Run Sandbox solution but can still determine if it's running in the sandbox or not. For now, I can't tell if that also

Empire C&C server detection

Posted by: Lion

While currently attending SANS SEC660, we did play a lot with the Empire post-exploitation framework on the second day. So I used the time between the lab challenges today to play a bit with the C&C server. Detect Empire C&C

Cyber Defense NetWars Review Tokyo 2019

Posted by: Lion

“I am the watcher of the walls, I am the sword in the darkness” While attending the SANS course SEC660, Advanced Penetration Testing, Exploit Writing, and Ethical Hacking in Tokyo, I also took part in the Cyber Defense NetWars challenge.