Featured Blog

Featured Blog


Mor Davidovich

DLL Notification Injection

New “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and remote processes.

The Path To DA - Part 2: (Relaying) To The Internet And Back

During this engagement, I reached Domain Admin privileges in 6 different ways. In this blog post, however, I will walk you through one of the most interesting ways of the 6 rather than going through all of them.

The Essential Elements of a Successful Penetration Testing Plan

Unlock the secrets of a foolproof penetration testing plan with our comprehensive guide. Learn the essential elements for guaranteed success.


ShorSec Team

The Path To DA - Part 1: SysAdmins Love Generic Passwords

The plan was to run sharphound.exe with the method -c a because why not? Let’s wake up the analysts in the SoC and bring enough coffee for the whole team, otherwise this could get really messy ...

MalRDP: Implementing Rouge RDP Manually

Weaponizing RDP files for phishing and initial access. Based on the work of Mike Felch on Rouge RDP technique.

NTLM Relay and SMB Signing: Don't Let Your Network be a Sitting Duck

In this blog post, we will explore the importance of SMB signing and the dangers of NTLM relay attacks. By understanding these concepts, organizations can better secure their networks and protect themselves against potential threats.


ShorSec Team

It’s all in the details: The curious case of an LSASS dumper gone undetected

Let me first start by saying I will not be revealing in this post any novel techniques or new research that hasn’t been seen before. I will, however, reveal my own methodology when it comes to finding gaps in EDRs visibility in order to bypass detection.

Get informed of the latest news in cyber security

Enter your email address to receive cyber security tips, techniques, and updates

powered by nextbracket.io