- Microsoft Office Online Server Remote Code Execution https://www.mdsec.co.uk/2022/10/microsoft-office-online-server-remote-code-execution/ 3 comments netsec
- Bypassing Image Load Kernel Callbacks - @MDSecLabs https://www.mdsec.co.uk/2021/06/bypassing-image-load-kernel-callbacks/ 6 comments netsec
- Farming for Red Teams: Harvesting NetNTLM - @MDSecLabs https://www.mdsec.co.uk/2021/02/farming-for-red-teams-harvesting-netntlm/ 3 comments netsec
- macOS Post-Exploitation Shenanigans with VSCode Extensions https://www.mdsec.co.uk/2021/01/macos-post-exploitation-shenanigans-with-vscode-extensions/ 2 comments netsec
- Deep Dive in to Citrix ADC Remote Code Execution, CVE-2019-19781 https://www.mdsec.co.uk/2020/01/deep-dive-to-citrix-adc-remote-code-execution-cve-2019-19781/ 3 comments netsec
- RdpThief: Extracting Clear-text Credentials from Remote Desktop Clients https://www.mdsec.co.uk/2019/11/rdpthief-extracting-clear-text-credentials-from-remote-desktop-clients/ 10 comments netsec
- Silencing Cylance: A Case Study in Modern EDRs https://www.mdsec.co.uk/2019/03/silencing-cylance-a-case-study-in-modern-edrs/ 3 comments netsec
- Serverless Red Team Infrastructure https://www.mdsec.co.uk/2018/09/serverless-red-team-infrastructure-part-1-web-bugs/ 11 comments netsec
- Disabling MacOS SIP via a VirtualBox kext Vulnerability https://www.mdsec.co.uk/2018/08/disabling-macos-sip-via-a-virtualbox-kext-vulnerability/ 3 comments netsec
- SharpShooter - a weaponised payload generation framework with anti-sandbox analysis, staged and stageless payload execution and support for evading ingress monitoring [See comment for Sources] https://www.mdsec.co.uk/2018/03/payload-generation-using-sharpshooter/ 7 comments netsec
- Adobe Flash Exploitation, Then and Now: From CVE-2015-5119 to CVE-2018-4878 https://www.mdsec.co.uk/2018/02/adobe-flash-exploitation-then-and-now-from-cve-2015-5119-to-cve-2018-4878/ 5 comments netsec
- Exploiting CVE-2017-8759: SOAP WSDL Parser Code Injection by MDSec ActiveBreach https://www.mdsec.co.uk/2017/09/exploiting-cve-2017-8759-soap-wsdl-parser-code-injection/ 12 comments netsec
- Introducing ANGRYPUPPY https://www.mdsec.co.uk/2017/08/introducing-angrypuppy/ 3 comments netsec
- Categorisation is not a Security Boundary https://www.mdsec.co.uk/2017/07/categorisation-is-not-a-security-boundary/ 8 comments netsec
- Payload Generation with CACTUSTORCH https://www.mdsec.co.uk/2017/07/payload-generation-with-cactustorch/ 3 comments netsec
- RDPInception Attack https://www.mdsec.co.uk/2017/06/rdpinception/ 18 comments netsec
- Exploiting CVE-2017-0199 https://www.mdsec.co.uk/2017/04/exploiting-cve-2017-0199-hta-handler-vulnerability/ 18 comments netsec
- Penetration Testing Skype for Business: Exploiting the Missing Lync https://www.mdsec.co.uk/2017/04/penetration-testing-skype-for-business-exploiting-the-missing-lync/ 8 comments netsec
- Domain Fronting via Cloudfront Alternate Domains https://www.mdsec.co.uk/2017/02/domain-fronting-via-cloudfront-alternate-domains/ 15 comments netsec
- Building an IoT Botnet: BSides Manchester 2016 https://www.mdsec.co.uk/2016/10/building-an-iot-botnet-bsides-manchester-2016/ 5 comments netsec
- Protected Mode: A Case of When No Means Yes https://www.mdsec.co.uk/2015/12/protected-mode-a-case-of-when-no-means-yes/ 6 comments netsec
- An Introduction to Hardware Hacking: the RIPE Atlas Probe https://www.mdsec.co.uk/2015/09/an-introduction-to-hardware-hacking-the-ripe-atlas-probe/ 17 comments netsec