Katie Knowles presented an introduction to Software Defined Radio (SDR) titled 'Signal Safari: Investigating RF Controls with RTL-SDR' at BSidesNYC 2018. This talk gave attendees a crash course in using SDRs to conduct their own RF investigations.
Read more
The Application Policy Infrastructure Controller Enterprise Module (APIC-EM) is Cisco's SDN controller for enterprise networks, which according to Cisco can solve a myriad of problems by leveraging many bleeding edge technologies.
Read more
Yong Chuan Koh presented this talk at Microsoft BlueHat v17.
Read more
On the 5th September this year, Chrome 61 was released with WebUSB enabled as a default feature. WebUSB is a JavaScript API to allow web sites access to connected USB devices.
Read more
This talk aimed to cover the research which has been undertaken following on from the Defcon presentation on MWR's platform agnostic kernel fuzzing, to automatically identify critical flaws within Apple macOS.
Read more
There is much research into customised and novel Command and Control (C2) channels, although typically the public outputs of such research are standalone proof-of-concepts rather than being integrated into exisiting offensive toolkits.
Read more
This paper aims to guide it's reader towards building a working exploit for Linux kernel driver memory mapping issues. This research was largely motivated due to the lack of public step by step documentation on how...
Read more
One software product that red teamers will almost certainly find on any compromised workstation is Microsoft Office. This talk discussed the ways that native functionality within Office can be abused to obtain persistence.A wide range of...
Read more
The aim of this article is to provide an introduction to using structured Threat Intelligence (TI) formats, some of the challenges present (in particular with data transformation) and to share a tool MWR has developed to...
Read more
In July of 2017 Ruben Boonen delivered a 4 hour workshop at DefCon on User Account Control (UAC). The workshop demonstrated fundamental design flaws in the current implementation of UAC and provided attendees with the required...
Read more
The Amazon Echo is vulnerable to a physical attack that allows an attacker to gain a root shell on the underlying Linux operating system and install malware without leaving physical evidence of tampering.
Read more
Over the years, a vast amount of research has been focused towards honeypots. Honeypots have evolved from the traditional emulated operating system and service to include a variety of honey “things”.
Read more