When is Clickjacking NOT a concern?
According to Microsoft, when it involves more than 1 click. That’s the feedback I received when I recently submitted a Clickjacking bug to Microsoft’s Security team. This particular Clickjacking bug,...
Fun With Teensy
Introduction I’ve been wanting to write about the Teensy and its application in security testing for some time now. It’s extremely useful for executing scripts on a target machine without the need for...
Windows Exploit Development – Part 7: Unicode Buffer Overflows
Introduction In this seventh installment of the Windows Exploit Development Series, I’ll introduce Unicode Buffer Overflows. We’ll start with a brief introduction to Unicode (what it is and why/how...
peCloak.py – An Experiment in AV Evasion
Introduction I just wrapped up the Offensive Security Cracking The Perimeter (CTP) course and one of the topics was AV evasion. Although I write a lot of custom scripts and tools, when it comes to AV...
Phishing with Macros and Powershell
Over the past 6 months, it seems we’ve been experiencing a resurgence of macro-based malware, possibly because it’s such a simple and proven means of delivering a phishing payload to large...
Abusing Microsoft Office DDE
Introduction Earlier this month I came across a post by the team at SensePost outlining their macro-less code execution technique using the antiquated DDE feature of Microsoft Word. As you may be...