10 January 2018

Privilege "escalation"The latest VMware Horizon vulnerability is via an attack vector that shouldn't be overlooked: bad Windows process handles management. In this article, you will find all the details around CVE-2017-4946 which was discovered and exploited by Martin Lemay during a pentest engagement.

April 26, 2017

A Bank VaultBeyond securing the infrastructure, how can one defend their applications against hackers? The answer is: the proper design of the application’s source code. There you have it: application security. Read more...

March 22, 2017

In this blog post, a new approach to help scanning for deserialization bugs with DNS exfiltration is presented. Along with the explanations, a scanning tool is released that could help both the defensive and the auditing teams in your enterprise.

February 16, 2017

Malboxes LogoWe are announcing the first "official" release of malboxes, a tool meant to help build safe and featureful Windows machines for malware analysis. Accessible to anyone, it even uses trial versions of Windows if one doesn’t have his own license. Click to read more.