C:\Users\mr.d0x> whoami_

Microsoft Teams Spoofing Attacks

September 17, 2021

Microsoft Teams does not have any tamper protection to prevent spoofing attacks

Continue Reading →

Leveraging VirtualBox During Engagements

August 4, 2021

If you run into VirtualBox on a machine during an engagement try some of these methods

Continue Reading →

Easy Bounty With Exposed Buckets & Blobs

July 26, 2021

A simple guide on finding exposed AWS S3 buckets and Azure Blobs

Continue Reading →

Discovering Zero-Day Vulnerabilities in McAfee Products

June 9, 2021

Discovery and exploitation of two Zero-Day vulnerabilities affecting Mcafee Agent < 5.7.4 and McAfee Drive Encryption <

Continue Reading →

Spoofing and Attacking With Skype

February 2, 2021

Skype is plagued with spoofing vulnerabilities that Microsoft did not think need 'immediate security servicing'

Continue Reading →

Abusing McAfee Vulnerabilities and Misconfigurations

January 17, 2021

Unpatched or misconfigured McAfee components will make life much easier during a penetration test or red team assessment

Continue Reading →

Dumping LSASS With Adplus Debugging Tool

January 9, 2021

A continuation of my series into abusing Microsoft's debugging tools for red teams. This time I show how to create a memory dump of LSASS with the Adplus debugging tool

Continue Reading →