Developing Cobalt Strike BOFs with Visual Studio

Introduction Cobalt Strike beacon object files (BOFs) is a feature that was added to the beacon in order to allow rapid beacon extendibility in a more OPSEC way…Lees meer...

Blogs

  • Continue security code reviews voor Agile teams

    Veilige snelle innovatie Beveiliging heeft vaak moeite om bij te blijven met de snelle code-releases die door ontwikkelteams worden gedaan. De klassieke periodieke pentest is al jaren de norm, maar past niet perfect wanneer u nieuwe functies op hoge snelheid ontwikkelt. Beveiliging in je slipstream Als u snel en veilig…Lees meer...

  • Developing Cobalt Strike BOFs with Visual Studio

    Introduction Cobalt Strike beacon object files (BOFs) is a feature that was added to the beacon in order to allow rapid beacon extendibility in a more OPSEC way. The BOF file is a common object file format (COFF) object that will be loaded and executed in the same process as the beacon, and therefore eliminates the…Lees meer...

  • Android adb reverse tethering mitm setup revised

    Introduction In a previous blogpost, I've written how to combine Gnirehtet & proxychains in order to intercept traffic from mobile apps over adb while on a VPN. After some time, the setup seemed to be somewhat buggy and slow. A contact of @FSDominguez suggested to look into port forwarding. I'd like to present a…Lees meer...

  • Scanning incomplete C# projects for vulnerable code patterns

    At Securify Inline, we are always looking for smart techniques to support our security code review process. We want to find certain insecure patterns in our client's code, using static analysis. For our C# projects, we developed a custom scanner, based on the Roslyn parser. This article discusses what problems we ran…Lees meer...

  • Using Semgrep to assist in security code reviews

    Semgrep is a static code analysis tool that finds patterns in source code. At Securify Inline we use semgrep to assist in our security code reviews, and to detect issues as soon as they occur in the code. Introduction At Securify Inline we regularly review our client's code. Every week we check the code that the client…Lees meer...

Vragen of feedback?

Bel onsphone
Mail onsmail