Everything you care about in one place

Follow feeds: blogs, news, RSS and more. An effortless way to read and digest content of your choice.

Get Feeder

blog.xpnsec.com

Get the latest updates from directly as they happen.

Follow now 137 followers

Latest posts

Last updated 8 months ago

Identity Providers for RedTeamers

8 months ago

Originally presented at SOCON-2024, and continuing the series into post-exploitation techniques against...

MacOS "DirtyNIB" Vulnerability

about 1 year ago

While looking for avenues of injecting code into platform binaries back in...

Okta for Red Teamers

about 1 year ago

In this blog post, I'll discuss some of the post-exploitation techniques that...

LAPS 2.0 Internals

about 1 year ago

This year, LAPS 2.0 was released by Microsoft, and thankfully it now...

PNG Steganography from First Principles

about 1 year ago

Steganography is experiencing a revival as a wrapper for delivering payloads. In...

Building a Custom Mach-O Memory Loader for macOS - Part 1

almost 2 years ago

In this blog we'll look at what it takes to construct an...

Restoring Dyld Memory Loading

almost 2 years ago

Up until recently, we've enjoyed in-memory loading of Mach-O bundles courtesy of...

WAM BAM - Recovering Web Tokens From Office

about 2 years ago

This post looks at the recent trend of pulling Azure tokens from...

Exploring SCCM by Unobfuscating Network Access Accounts

over 2 years ago

In this post we'll explore just how SCCM uses its HTTP API...

Exploring SCCM by Unobfuscating Network Access Accounts

about 2 years ago

In this post we'll explore just how SCCM uses its HTTP API...

g_CiOptions in a Virtualized World

over 2 years ago

With the leaking of code signing certificates and exploits for vulnerable drivers...

NTLMquic

over 2 years ago

In this post, we'll dig into just how SMB over QUIC works...