Software: Ivanti Endpoint Manager Affected Versions: <= 2020.1; <= 2019.1.3 Vendor page: www.ivanti.com CVE Reference: CVE-2020-13774 Published: 12/11/2020 CVSS 3.1 Score: 9.9 – AV:N/AC:L/PR:...

Software: Ivanti Unified Endpoint Manager Affected Versions: <= 2020.1.1 Vendor page: www.ivanti.com CVE Reference: CVE-2020-13770 Published: 11/11/2020 CVSS 3.1 Score: 8.8 – AV:L/AC:L/PR:L/UI:N...

Software: Ivanti Unified Endpoint Manager Affected Versions: <= 2020.1.1 Vendor page: www.ivanti.com CVE Reference: CVE-2020-13771 Published: 11/11/2020 CVSS 3.1 Score: 8.1 – AV:L/AC:H/PR:N/UI:N...

The Event Log coupled with Windows Event Forwarding and Sysmon can be extremely powerful in the hands of defenders, allowing them to detect attackers every step of the way. Obviously this is an iss...

Malware is an important part of an engagement, though as many security solutions are now evolving past rudimentary signature comparisons to using more advanced techniques to detect malicious activi...

The project currently code-named Thunder Eye is a threat intelligence aggregator that will act as an internal and external search engine for a variety of intelligence purposes. It will collect and ...

An API hooking framework, composed by a Windows driver component for library injection, a DLL file for function hooking and reporting, and a web service presenting a user interface and managing the...

This project can be found on github Post exploitation is large part of a red team engagement. While many organisations begin to mature and start to deploy a range of sophisticated Endpoint Detecti...

Author: Thom (@rootkid8), Sysmon Mastery Help from Rana (@sec_coffee) Introduction Even before my birth, rootkits have been one of the most sophisticated and successful ways of obtaining persiste...

In this blog post, we’re going to detail a cool little trick we came across on how to bypass most antivirus products to get a Metepreter reverse shell on a target host. This all started when we cam...