RIPS published details for a PHP object injection vulnerability affecting the WooCommerce WordPr...
In this tutorial I will provide you with a straightforward process that will get you in a position t...
Introduction Of the many advancements in red teaming over the last 12 months, the development of Bl...
RDPUpload is a tool which implements an old technique for uploading files in python. There is nothin...
In part 1, we looked at dynamically extracting table data from a compromised SSRS server. We covere...
SQL Server Reporting Services (SSRS) is a reporting engine designed to allow creation, publication a...
In July we sent 4 of our team to Defcon with the intention of tackling whatever contests we could fi...
As a continuation of our previous post, we wanted to discuss another technique that can help during...
Secarma are getting more requests from customers for product reviews, radio frequency analysis and h...
This month our old friend Dynamic Data Exchange (DDE) within Microsoft’s office suite has been pop...
Theorizing that one could dredge up old vulnerabilities and blog about them, Sam Thomas stepped into...
Recently the world was introduced to ‘Industroyer‘, a malware variant with a focus on compromisi...