Analyzing an RFID scanner: bad habits never die
More than a year ago, BlackArrow’s Red Teamers conducted a security analysis of an RFID scanner used by one of its[...]
BlackArrow's Blog - Page 2
Red team & Threat hunting Blog - offensive security
Ragnarok Stopper: development of a vaccine
The field of reverse engineering and specifically malware analysis within the Incident Response process is of vital impo[...]
A deep dive into disable_functions bypass and PHP exploitation
When performing a penetration test, or a Red Team operation, multiple tools (webshells, proxysocks to tunnel TCP traffic[...]
Lateral movement via MSSQL: a tale of CLR and socket reuse
Recently, our Red Teamers had to deal with a restricted scenario, where all traffic from the DMZ to the main network was[...]
Kerberos (III): How does delegation work?
Introduction to Kerberos delegation There are several kinds of delegation implemented by using the Kerberos protocol on [...]
Vulnerabilities in Ampache (<=3.9.1)
During a Red Team operation, multiple vulnerabilities where discovered in Ampache, an open source web platform for audio[...]
