Cobalt Strike OpSec
Cobalt Strike OpSec & Other Misadventures of Pentesting I’m old enough to know better. Since 2004 I’ve been in various offensive roles in infosec, so OpSec isn’t a new thing […]
Author: Jerry Odegaard
MiniDumpDotNet: Pure CLR Alt – Part 2
MiniDumpDotNet – Part 1 & 2 In MiniDumpDoNet – Part 1, we took a brief look at the MiniDumpWriteDump() Win32 API and considered options for reimplementation for the purposes of […]
MiniDumpDotNet: MiniDumpWriteDump – Part 1
MiniDumpWriteDump The Background Story Throughout 2021 a thought had been bouncing around in my head: why hasn’t anyone reimplemented MiniDumpWriteDump? For those who are not yet familiar, the Win32 API […]
Alternative Execution Macro Saga: Microsoft Web Browser – Part 7
Welcome to the last post in the Alternative Execution Macro Saga series (part 1 – InkPicture, part 2 – WMP, part 3 – Performance Monitor, part 4 – Disable Macros, […]
Alternative Execution Macro Saga: ActiveMovie Control – Part 6
Over the past five blogs (part 1, part 2, part 3, part 4, part 5) of the Alternative Execution Macro Saga, we’ve covered utilizing event handlers for ActiveX controls to obtain code execution in […]
Alternative Execution Macro Saga: CLSID – Part 5
Hello again and thanks for returning to our Alternative Execution Macro Saga series! Over the last few posts, we discussed making use of events from part 1 – InkPicture, part 2 […]
Alternative Execution Macro Saga: Disable Macros – Part 4
Thanks for returning to the Alternative Execution Macro Saga series! Here are parts 1-3 in case you missed them: part 1, part 2, and part 3. It’s been a busy […]
Alternative Execution Macro Saga: Performance Monitor – Part 3
In the last few blogs in our Alternative Execution Macro Saga: (part 1 – InkPicture & part 2 – WMPlayer) we worked through scenarios making use of the ActiveX controls […]
Alternative Execution Macro Saga: Windows Media Player – Part 2
In the previous blog in this Alternative Execution Macro Saga: part 1 – InkPicture, (this is part 2 – WMP, then there’s part 3 – performance monitor, part 4 – disable macros, part 5 – CLSID, […]
Alternative Execution Macro Saga: InkPicture – Part 1
This is the first in a series called the Alternative Execution Macro Saga – if you’re interested in reading the full series the links are here: part 1 – InkPicture, […]