Skip to content
0xsp SRD – Security Research & Development
  • Home
  • Guide
  • Projects
Mon 29 Jun 6:00 PM

Loading

Abuse Cloudflare Zerotrust for C2 channels
offensive

Abuse Cloudflare Zerotrust for C2 channels

What is Zero Trust Security? Zero Trust security is an IT security model that requires strict identity verification for every person and device trying…

July 2, 2022 · 4 min
MalewareBytes Support tool – SAM hash dump?
security research & development (SRD)

MalewareBytes Support tool – SAM hash dump?

Malwarebytes provides a support tool that automatically repairs and fixes software issues and broken configurations, that’s actually common for anti-malware software to…

June 3, 2022 · 2 min
Follina – CVE-2022-30190 RTF
offensive

Follina – CVE-2022-30190 RTF

Intro a recent code execution vulnerability targeting office365 using unpatched vulnerability which allows client-side command execution via ms-msdt protocol. the first appearance…

May 31, 2022 · 3 min
Mortar Loader v2
offensive

Mortar Loader v2

https://github.com/0xsp-SRD/mortar Words to say I released the Mortar loader a couple of months ago, and it was good results in defeating and…

May 22, 2022 · 4 min
Porting Backdoors – Windows rootkits via RESTful API Service
Malware Research

Porting Backdoors – Windows rootkits via RESTful API Service

Research Agenda Part1 – porting the backdoor for windows (READY) Part2 – porting the backdoor for Linux/Unix (IN PROGRESS) Part3 – hiding the…

April 20, 2022 · 7 min
Active Directory (Attack & Defense )
offensive

Active Directory (Attack & Defense )

This is the 2026 revision of Active Directory (Attack & Defense), first published in April 2022. The content might have under frequent changes.…

April 19, 2022 · 28 min
combined attacks against XDR
security research & development (SRD)

combined attacks against XDR

Intro Despite the fact, XDR products play bulletproof against newly cyber by newly updated built-in defensive techniques and procedures, there are small…

April 19, 2022 · 3 min
0xsp-mongoose RED
security dev

0xsp-mongoose RED

Intro 0xsp mongoose red is a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfiguration, and…

April 19, 2022 · 6 min
Hunting Windows Credentials (CredUIPromptForWindowsCredentials)
offensive

Hunting Windows Credentials (CredUIPromptForWindowsCredentials)

intro I recently started to do Live streaming on twitch and youtube to cover some techniques and do some live coding sessions.…

April 19, 2022 · 5 min
bypass restricted command prompt for none-privileged users
offensive

bypass restricted command prompt for none-privileged users

intro The Windows Command Prompt (sometimes called the DOS prompt) is a tool that allows administrators to invoke system-wide commands to make…

April 19, 2022 · 2 min

Posts navigation

‹ Newer 1 2 3 4 Older ›