Research & Tradecraft

Research & Tradecraft

Methodology for Static Reverse Engineering of Windows Kernel Drivers

Introduction Attacks against Windows kernel mode software drivers, especially those published by third parties, have been...

By: Matt Hand

Apr 15, 2020 • 15 min read

Research & Tradecraft

Through the Looking Glass

By: Luke Paine

Mar 11, 2020 • 9 min read

Research & Tradecraft

Abusing Slack for Offensive Operations

By: Cody Thomas

Mar 4, 2020 • 9 min read

Research & Tradecraft

Detection Spectrum

By: Jared Atkinson

Feb 21, 2020 • 11 min read

Research & Tradecraft

War Never Changes: Attacks Against WPA3’s “Enhanced Open” — Part 3: OWE Nearly Indistinguishable From Open Wireless In Terms of Risk

In early 2019, myself and fellow Denver-based researcher Steve Darracott (@theDarracott) set out to answer the question...

By: Gabriel Ryan

Feb 12, 2020 • 12 min read

Research & Tradecraft

Capability Abstraction

By: Jared Atkinson

Feb 6, 2020 • 15 min read

Research & Tradecraft

Ghostwriter: 2020 Feature Update

We introduced Ghostwriter in July 2019 when we felt it was a good v1.0, but active development never...

By: Christopher Maddalena

Jan 29, 2020 • 8 min read

Research & Tradecraft

Move faster, Stay longer

By: Steven Flores

Jan 27, 2020 • 20 min read

Research & Tradecraft

Revisiting Remote Desktop Lateral Movement

It’s no secret that attackers are looking for new techniques to execute lateral movement. However, there...

By: Steven Flores

Jan 22, 2020 • 8 min read