19 December 2018

In this post, we describe the new RDP man-in-the-middle and library project we developed and open sourced. Our MITM features a file stealer, a clipboard stealer and the ability to watch RDP sessions either live or after the fact. It is used as part of our RDP honeypot. In this post, we also describe an incident with a malicious user that infected our honeypot.

October 12, 2016

Our old blog was officially migrated into its new home in our website! Our previous blog will redirect you here automatically.

Remember to update your bookmarks.

June 28, 2016

Content Security Policy (CSP)  is a HTTP header that instruct the browser to limit resource loading of media, styles and scripts.

As you may know, CSP is not adopted yet by industry. Multiple surveys have already been made about the adoption of the security header [1] [2] [3]. Even so, it does not mean that we cannot prepare ourselves for the technology. For this purpose, we have built a Burp and ZAP extension to automate the most common validations called CSP Auditor.

May 26, 2016

In this article, we will be looking at the strategies to detect and analyze malware hidden inside an OPcache file. If you haven't read our previous article about hiding a binary webshell inside a PHP7 OPcache file, we suggest reading it before moving on.