Ragnarok Stopper: development of a vaccine
The field of reverse engineering and specifically malware analysis within the Incident Response process is of vital impo[...]
BlackArrow's Blog - Page 2
Red team & Threat hunting Blog - offensive security
A deep dive into disable_functions bypass and PHP exploitation
When performing a penetration test, or a Red Team operation, multiple tools (webshells, proxysocks to tunnel TCP traffic[...]
Lateral movement via MSSQL: a tale of CLR and socket reuse
Recently, our Red Team had to deal with a restricted scenario, where all traffic from the DMZ to the main network was bl[...]
Kerberos (III): How does delegation work?
Introduction to Kerberos delegation There are several kinds of delegation implemented by using the Kerberos protocol on [...]
Vulnerabilities in Ampache (<=3.9.1)
During a Red Team operation, multiple vulnerabilities where discovered in Ampache, an open source web platform for audio[...]
Red Team Tales 0x02: from SQLi to Domain Admin
One of the activities included in the operation of the Tarlogic Red Team is the search for vulnerabilities in the softwa[...]