Beyond XSS: Edge Side Include Injection

Update: A new blog post has been published as a follow up to this article : ESI Part 2: Abusing specific implementations. Abusing Caching Servers into SSRF and Client-Side Attacks While conducting a security assessment, we noticed an unexpected behavior in the markup...

Binary Webshell Through OPcache in PHP 7

Update: A follow-up article was published on the detection and the reverse-engineering of those binary web shells. In this article, we will be looking at a new exploitation technique using the default OPcache engine from PHP 7.  Using this attack vector, we can bypass...

Your credentials at risk with Lansweeper 5

As a penetration testers, we rarely have to find ‘zero day’ vulnerabilities or perform ‘bug hunting’ in order to compromise Windows Active Directory Domains. However, in one of these rare cases while performing an internal penetration test for a client, we had to do...

Pin It on Pinterest