Exploit
XORtigate: Pre-authentication Remote Code Execution on Fortigate VPN (CVE-2023-27997)
Wed 14 June 2023
A pre-authentication remote code execution on Fortigate SSL VPN was discovered by Lexfo (CVE-2023-27997).
Read moreCSIRT
CVE-2023-27997 - Forensics short notice for XORtigate
Tue 13 June 2023
Some feedbacks on what we observed in Forensics with the Pre-auth RCE on Fortigate VPN (CVE-2023-27997) in our test environment.
Read morePost Exploitation
Sshimpanzee
Fri 24 March 2023
Sshimpanzee, a reverse SSH tool with encapsulation feature.
Read moreCSIRT
Cobalt Strike Investigation - Part 2
Thu 09 March 2023
This second part will focus on the 'jump' command in Cobalt Strike, used to establish a connection from a compromised system to the command and control (C2) server.
Read moreCSIRT
Cobalt Strike Investigation Part 1
Tue 20 September 2022
Cobalt Strike Investigation - Part 1
Read moreVulnerability
Obfuscated obfuscation
Mon 11 April 2022
This article is a step-by-step guide to reverse an APK protected with DexGuard using Jadx
Read more