Introducing Goffloader: A Pure Go Implementation of an In-Memory COFFLoader and PE Loader
We are excited to announce the release of Goffloader, a pure Go implementation of an in-memory COFFLoader and PE loader. This tool is designed to facilitate the easy execution of Cobalt Strike ...
3CX Phone System Local Privilege Escalation Vulnerability
Overview In an effort to safeguard our customers, we perform proactive vulnerability research with the goal of identifying zero-day vulnerabilities that are likely to impact the security of leading organizations. Recently, we ...
Embracing the Future: The Power of a Global Workforce in Cybersecurity
In an era of rapid technological advancement and an ever-evolving threat landscape, the traditional work and talent management paradigms are being redefined. The world has never been more connected, while data, information, ...
Exploiting Lambda Functions for Fun and Profit
Overview Praetorian recently performed an assessment of a platform responsible for downloading and building untrusted, user-supplied code. The client was concerned about the possibility of attackers leveraging this process to compromise the ...
Account Takeover via Broken Authentication Workflow: Free Lifetime Streaming!
Overview Nowadays, the convenience of streaming applications on our mobile and web applications has become an integral part of our entertainment experience. However, this experience can come at a cost if we ...
Drop the Mic (CVE-2019-1166)
Overview CVE-2019-1166 (“Drop the MIC”) is a tampering vulnerability in Microsoft Windows, specifically targeting the NTLM (NT LAN Manager) authentication protocol. The vulnerability allows a man-in-the-middle attacker to bypass the NTLM Message ...
Amazon Cloud Integration Capability with Chariot
On March 22nd, 2019, CapitalOne experienced a data breach that resulted in the loss of more than 100 million credit card applications. This vulnerability resulted from a misconfigured web application firewall, which ...
Adjacent Discovery Capability with Chariot
Gaining a comprehensive understanding of the external assets in an environment is essential for accurately mapping the attack surface of our clients. If you don’t know something exists, you can’t attack or ...
Exploiting Broken Authentication Control In GraphQL
Overview The implementation of GraphQL in enterprise systems has grown rapidly. A recent report from Gartner predicted that at least 50% of enterprises will be implementing GraphQL in their production environments by ...
Recursive Amplification Attacks: Botnet-as-a-Service
Introduction On a recent client engagement, we tested a startup’s up-and-coming SaaS data platform and discovered an alarming attack path. The specific feature names and technologies have been generalized to anonymize the ...