The JUMPSEC Lab is a place where the the technical team get creative and showcase their latest security research, publications, interesting news and general thoughts!  We love what we do and are passionate about security, with some great upcoming projects planned, bookmark our site and stick around to see what we are working on.

Win a place @HackFu 2021 Community Edition!

Hello world!At JUMPSEC we’ve managed to get our hands on tickets to what is probably the greatest cyber security event in the calendar, HackFu!In order to be in with a chance of winning you simply need to complete the following challenge which you can download here (the download contains all the information needed to complete the challenge): https://drive.google.com/file/d/1WFU23lFzGtxW4U5_FPzlbM4auHSZTiGt/view?usp=sharing The deadline for submissions is 6th January 2021, we will announce the lucky winner on 8th January 2021. You don't need to but feel free to add a bit of detail on your submission - we love hearing about the creative ways in which people solve our challenges.In order to be eligible to win a HackFu ticket you must be able to attend HackFu on Friday 29th January 2021 between 09:30 and 17:30 GMT (it is an online event due to the global pandemic) and you must be at least...

read more


Post exploitation is large part of a red team engagement. While many organisations begin to mature and start to deploy a range of sophisticated Endpoint Detection & Response solutions (EDR) onto their networks, it requires us, as attackers to also mature. We need to upgrade our arsenal to give us the capabilities to successfully operate on their networks. That is why today, I am releasing shad0w.

shad0w is a post exploitation framework which is designed to operate covertly on such networks, providing the operator with much greater control over their engagements. Over future blog posts I will go into greater detail on the intricacies of how shad0w works. This blog post will, therefore, serve as an introduction into the usage and features that shad0w has to offer.

read more

Bypassing Antivirus with Golang – Gopher it!

In this blog post, we’re going to detail a cool little trick we came across on how to bypass most antivirus products to get a Metepreter reverse shell on a target host. This all started when we came across a Github repository written in Golang, which on execution could inject shellcode into running processes. By simply generating a payload with msfvenom we tested it and found that it was easily...

read more

Enhanced logging to detect common attacks on Active Directory– Part 1

In this blog post I am going to tackle the topic of detecting common attacks using Active Directory logs. It is important to understand the power of data in InfoSec world. Too much data means you’ll be spending rest of the week digging through millions of log entries to try and figure out what the adversary was up to. You can set filters to help you through this, however it can get...

read more

Short introduction to Network Forensics and Indicators of Compromise (IoC)

“Indicator of compromise (IOC) in computer forensics is an artifact observed on a network or in an operating system that with high confidence indicates a computer intrusion. Typical IOCs are virus signatures and IP addresses, MD5 hashes of malware files or URLs or domain names of botnet command and control servers. After IOCs have been identified in a process of incident response and computer...

read more

CVE 2015-7547 glibc getaddrinfo() DNS Vulnerability

Hello w0rld! JUMPSEC researchers have spent some time on the glibc DNS vulnerability indexed as CVE 2015-7547 (It hasn’t got a cool name like GHOST unfortunately…). It appears to be a highly critical vulnerability and covers a large number of systems. It allows remote code execution by a stack-based overflow in the client side DNS resolver. In this post we would like to present our analysis....

read more

Research and Development

Hello w0rld. On this post we would like to let you know our areas of research and the research projects that we are working on currently. For 2016 we are planning to develop tools that will be used in our tests. Our areas of interest can be highlighted as: AntiVirus Detection and Evasion techniques (sandbox detection, etc) Packers, anti-debugging, anti-disassembly and binary obfuscation Network...

read more

Covert channels – (Mis)Using ICMP protocol for file transfers with scapy

Hello w0rld. In this post I will show how it is possible to (mis)use ICMP protocol for file transfers with scapy. “In computer security, a covert channel is a type of computer security attack that creates a capability to transfer information objects between processes that are not supposed to be allowed to communicate by the computer security policy.” Source: Wikipedia I have to give...

read more

GitHub Activity

JumpsecLabs made JumpsecLabs/python-burp public Apr 28, 2021

Repository containing sample scripts for use with the Python Scripter Burp Suite extension.

Python 1 Updated Apr 28

JumpsecLabs pushed to main in JumpsecLabs/python-burp Apr 28, 2021
1 commit to main



4 weeks ago
Notification Emergency Patch -VMware vCenter
VMware has released a well-documented blog post with advice on how to patch this vulnerability: https://t.co/MmGKYzTLfy
Severity: High. Exploit code public.
@VMwarevSphere #vulnerability #cybernews
7 months ago
Detecting known DLL hijacking and named pipe token impersonation attacks with Sysmon https://t.co/zaCERBG3ys #sysmon #blueteam #privesc #detection
7 months ago
Advisory CVE-2020-13773 – Ivanti Unified Endpoint Manager Reflected XSS https://t.co/gpqpRsoalK #ivanti #landesk #cve #xss
7 months ago
Advisory CVE-2020-13769 – Ivanti Unified Endpoint Manager SQL injection https://t.co/ViP2ZH2M8o #ivanti #landesk #cve #sqli


The information provided on this website is to be used for educational purposes only. The author is in no way responsible for any misuse of the information provided. Any actions and or activities related to the material contained within this website is solely your responsibility.