Clik here to view.
msxsl.exe Working As Designed.
So, I recently was exploring XSL, and injection and came across several interesting references.<msxsl:script> ElementXSLT Script Block SampleThe basic gist, and what I think is interesting is...
View ArticleClik here to view.
Banned File Execution via InstallUtil.exe Nov 11, 2014 12:58 AM
I was going through some of my old research today, and thought I might share the genesis of one of my older findings. I thought maybe it would be helpful to share my thinking and motivation for some...
View ArticleClik here to view.
Demogorgon - A Stranger Things Inspired Tool, Coming Soon.
******This tool is inspired by the show "Stranger Things". There are spoilers, so, if you want to watch the show, read no further.You were warned. :-)******First some background. If you haven't seen...
View ArticleClik here to view.
dbghost.exe - Ghost And The Darkness
I found another Device Guard bypass recently. It was great to get to work with MSRC to get confirmation of the bypass, and to have them update the Device Guard configurations here:Device Guard...
View ArticleClik here to view.
CLRGuard - Let's Kick the Door Down. Part One
I really like this tool! Let me start with that. ;-)I really appreciate Joe Desimone ( @dez_ ) and EndGame making this available open source.First, check this DerbyCon 2017 Talk out, it will help you...
View Article