So you think you can block Macros? For the purpose of securing Microsoft Office installs we see many of our customers moving to a ma... 2023-4-25 18:30:30 | 阅读: 11 | 收藏 | Outflank Blog - outflank.nl macros microsoft security xlam xla

Attacking Visual Studio for Initial Access In this blog post we will demonstrate how compiling, reverse engineering or even just viewing sou... 2023-3-28 18:6:19 | 阅读: 12 | 收藏 | Outflank Blog - outflank.nl library moniker microsoft loadtypelib malicious

A phishing document signed by Microsoft – part 2 | January 7, 2022This is the second part of our blog series in which we walk you through... 2022-1-7 18:13:16 | 阅读: 33 | 收藏 | outflank.nl xll xlam excel4 microsoft remote

A phishing document signed by Microsoft – part 1 | December 9, 2021This blog post is part of series of two posts that describe weaknesses... 2021-12-09 21:27:34 | 阅读: 49 | 收藏 | outflank.nl xll microsoft xlam attacker

Our reasoning for Outflank Security Tooling | April 2, 2021TLDR: We open up our internal toolkit commercially to other red teams. Th... 2021-04-02 21:26:14 | 阅读: 185 | 收藏 | outflank.nl ost toolset outflank heavy teaming

Catching red teams with honeypots part 1: local recon | March 3, 2021This post is the first part of a series in which we will cover the concep... 2021-03-04 00:16:10 | 阅读: 117 | 收藏 | outflank.nl windows attacker sacl configuring applocker

Direct Syscalls in Beacon Object Files | December 26, 2020In this post we will explore the use of direct system calls within Co... 2020-12-26 19:47:08 | 阅读: 200 | 收藏 | outflank.nl beacon assembler cobalt syswhispers

RedELK Part 3 – Achieving operational oversight | April 7, 2020This is part 3 of a multipart blog series on RedELK: Outflank’s open sour... 2020-04-08 00:08:18 | 阅读: 102 | 收藏 | outflank.nl redelk c2 cobalt beacon redirector

Mark-of-the-Web from a red team’s perspective | March 30, 2020Zone Identifier Alternate Data Stream information, commonly referred to... 2020-03-30 18:37:57 | 阅读: 117 | 收藏 | outflank.nl motw security windows payload alternate

Red Team Tactics: Advanced process monitoring techniques in offensive operations | March 11, 2020In this blog post we are going to explore the power of well-known proces... 2020-03-12 03:44:20 | 阅读: 93 | 收藏 | outflank.nl processes security loaded network cobalt

RedELK Part 2 – getting you up and running | February 28, 2020This is part 2 of a multipart blog series on RedELK: Outflank’s open... 2020-02-28 22:58:52 | 阅读: 105 | 收藏 | outflank.nl redelk c2 redir filebeat

Abusing the SYLK file format | October 30, 2019This blog is about the SYLK file format, a file format from the 1980s... 2019-10-30 18:10:06 | 阅读: 93 | 收藏 | outflank.nl sylk macros security slk shellcode

Publications | Outflank | June 19, 2019In this blog post we will explore the use of direct system calls, restore... 2019-06-22 00:40:21 | 阅读: 249 | 收藏 | outflank.nl memory dumpert shellcode windows srdi