Beyond XSS: Edge Side Include Injection

Update: A new blog post has been published as a follow up to this article : ESI Part 2: Abusing specific implementations.   Abusing Caching Servers into SSRF and Client-Side Attacks While conducting a security assessment, we noticed an unexpected behavior in the...

Binary Webshell Through OPcache in PHP 7

Update: A follow-up article was published on the detection and the reverse-engineering of those binary web shells. In this article, we will be looking at a new exploitation technique using the default OPcache engine from PHP 7.  Using this attack vector, we can bypass...

Your credentials at risk with Lansweeper 5

As a penetration testers, we rarely have to find ‘zero day’ vulnerabilities or perform ‘bug hunting’ in order to compromise Windows Active Directory Domains. However, in one of these rare cases while performing an internal penetration test for a client, we had to do...
Titan Managed Detection & Response
Next-Generation Antivirus
Endpoint Detection & Response
Network Detection & Response
Inbox Detection & Response
Insider Threat Detection & Response
Managed Firewall
Managed SIEM
Endpoint Security Lifecycle
GoSecure Titan
Titan Software
Email Security
Web Security
ResponderPRO Forensics Toolkit
Advisory Services
Cybersecurity Assessment
Security Compromise Assessment
Ethical Hacking
Incident Response & Forensics
Compliance & Audit
3rd Party Technology

Pin It on Pinterest