CIMplant Part 3: Good Ol' maxEnvelopeSize to Ruin the Day 06 April 2021This is the last part in the three part series on CIMplant. If you haven't seen the p... 2021-04-06 22:50:47 | 阅读: 125 | 收藏 | fortynorthsecurity.com cimplant cim insight

A Limitation of Penetration Tests: Part 1 22 March 2021Penetration testing and other offensive cybersecurity assessments form an important c... 2021-03-23 00:30:00 | 阅读: 146 | 收藏 | fortynorthsecurity.com security magecart software malicious

CIMplant Part 2: A Deeper Look into the Creation 08 March 2021In the second part of our CIMplant series we'll take a deeper dive into the code of C... 2021-03-09 01:43:31 | 阅读: 156 | 收藏 | fortynorthsecurity.com cim cimplant planter powershell mi

CIMplant Part 1: Detection of a C# Implementation of WMImplant 16 February 2021Windows Management Instrumentation (WMI) has been around for several years as a w... 2021-02-17 00:43:22 | 阅读: 212 | 收藏 | fortynorthsecurity.com cimplant remote wmimplant windows cim

FortyNorth Half Price Training Competition 01 January 2021Many of us at FortyNorth Security became familiar with hacking concepts by particip... 2021-01-02 01:06:30 | 阅读: 198 | 收藏 | fortynorthsecurity.com eyewitness blow winners fortynorth

Fastly and Fronting 15 December 2020Domain fronting has been around for some time now. It has its legitimate use cases... 2020-12-15 20:51:26 | 阅读: 188 | 收藏 | fortynorthsecurity.com fastly cname fronting teamserver subdomain

A CVE in our Executive Summary 07 December 2020If you clicked to read this blog post, my guess is that you're expecting a tale ab... 2020-12-07 21:45:01 | 阅读: 237 | 收藏 | fortynorthsecurity.com security summaries operational client

Quick Guide to Security Headers - Part Two 16 November 2020In our last post, we explored 3 of the most important security headers: Content-Se... 2020-11-17 00:58:37 | 阅读: 240 | 收藏 | fortynorthsecurity.com security referrer rendered sniffing malicious

MalDoc Fu - Some Ideas for Malicious Document Delivery 02 November 2020"Hey, can you review this document? You might have to enable macros due to forma... 2020-11-02 22:41:59 | 阅读: 385 | 收藏 | fortynorthsecurity.com dim payload malicious inlineshape

Hot Manchego 26 October 2020tl;dr: Create a macro-enabled Excel workbook using the .NET library EPPlus to bypas... 2020-10-26 22:31:50 | 阅读: 187 | 收藏 | fortynorthsecurity.com epplus workbook nviso microsoft workbooks

Incoming .NET SQLClient 13 July 2020The github repo for SQLClient is available here - https://github.com/FortyNorthSecurit... 2020-07-13 22:21:15 | 阅读: 173 | 收藏 | fortynorthsecurity.com database sqlclient beacon cobalt remote

Intro to Proxmark3 RDV4: Part 3 - Practical Applications using ProxmarkWrapper 29 June 2020In this post, we'll go over creating a more covert application for the Proxmark3 using... 2020-06-29 21:09:20 | 阅读: 166 | 收藏 | fortynorthsecurity.com proxmark3 captured rdv4 proxmark

Creating an Internal Pen Test VM with Ngrok 09 June 2020Hello everyone. With the severity of the Covid-19 virus and people trying to work from... 2020-06-09 22:06:54 | 阅读: 172 | 收藏 | fortynorthsecurity.com ngrok ssh remote nomachine download

XLM (Excel 4.0) Macro Generator for Phishing Campaigns 26 May 2020tl;dr EXCELntDonut takes C# source code as an input, converts it into shellcode, and ge... 2020-05-26 21:52:05 | 阅读: 220 | 收藏 | fortynorthsecurity.com xlm macros shellcode memory

Screenshooter: The Beacon Screenshot Savior 12 May 2020A C# tool to screenshot user's desktop(s) complete with multiple checks. Will work with... 2020-05-12 21:35:05 | 阅读: 166 | 收藏 | fortynorthsecurity.com beacon tscon monitors

Quick Guide to Security Headers - Part One 04 May 2020A month ago, we finished a series of six web application assessments for local and regi... 2020-05-04 21:18:16 | 阅读: 165 | 收藏 | fortynorthsecurity.com security attacker hsts mozilla

Remotely Host MSBuild Payloads 27 April 2020tl;dr Separate your C# payload from a MSBuild XML file and host it remotely on a WebD... 2020-04-27 21:10:32 | 阅读: 171 | 收藏 | fortynorthsecurity.com msbuild webdav payload microsoft bypass

EyeWitness - Potential Modifications 20 April 2020This is the second post in relation to the new .Net implementation of EyeWitness and... 2020-04-20 23:24:19 | 阅读: 148 | 收藏 | fortynorthsecurity.com eyewitness windows categorize beacon captured

Ngrok for Local Infrastructure 14 April 2020IntroductionHello, meet ngrok (https://ngrok.com/), an easy way to tunnel traffic fro... 2020-04-14 20:57:20 | 阅读: 160 | 收藏 | fortynorthsecurity.com ngrok teamserver beacon tunnels

MiddleOut: a C# Compression Tool 06 April 2020MiddleOut (a salute to Silicon Valley) is a tool written in C# that compresses any nu... 2020-04-06 23:27:04 | 阅读: 160 | 收藏 | fortynorthsecurity.com middleout loops zipping wildcards