In this post, we describe the new RDP man-in-the-middle and library project we developed and open sourced. Our MITM features a file stealer, a clipboard stealer and the ability to watch RDP sessions either live or after the fact. It is used as part of our RDP honeypot. In this post, we also describe an incident with a malicious user that infected our honeypot.
April 05, 2016
AtlSecCon is almost there! Philippe and I are pretty excited to be speaking there this year!
March 22, 2016
As a follow-up to the conference given at Confoo few weeks ago, we are doing a focus article on the same topic. The presentation was giving an overview of the modern XSS attack vectors and filter bypass. In this blog post, we will take a closer look at XSS in the context of .NET applications.
This article is intended to be a simple checklist for ASP.net MVC developers or security auditors. Defensive measures can be put in place at various layers including the template files (Razor or ASPx Forms), the Request Validation feature and the client-side (browser) filters.
February 26, 2016
At GoSecure we believe that improving the security posture of Canadian companies has to happen through better security awareness and education of IT professionals.
This is why that, in addition of running our own conference GoSec in Montreal, we are major sponsors of top community conferences like AtlSecCon (Halifax, NS) and NorthSec (Montreal, QC).