10 July 2018

A Password Hidden Among Other Binary DataThis post will detail the password filter implant project we developed recently. Our password filter is used to exfiltrate Active Directory credentials through DNS. This text will discuss the technicalities of the project as well as my personal experience developing it.

March 22, 2016

As a follow-up to the conference given at Confoo few weeks ago, we are doing a focus article on the same topic. The presentation was giving an overview of the modern XSS attack vectors and filter bypass. In this blog post, we will take a closer look at XSS in the context of .NET applications.

This article is intended to be a simple checklist for ASP.net MVC developers or security auditors. Defensive measures can be put in place at various layers including the template files (Razor or ASPx Forms), the Request Validation feature and the client-side (browser) filters.

February 26, 2016

At GoSecure we believe that improving the security posture of Canadian companies has to happen through better security awareness and education of IT professionals.

This is why that, in addition of running our own conference GoSec in Montreal, we are major sponsors of top community conferences like AtlSecCon (Halifax, NS) and NorthSec (Montreal, QC).

January 13, 2016

Our own Olivier Bilodeau will be presenting with Thomas Dupuy of ESET Canada Reseach about malware affecting "Internet of Things" (IoT) devices. A free event hosted by OWASP Montréal in downtown Montreal.