Archive

Slides

Investigating RF Controls with RTL-SDR

By Katie Knowles on 2 February 2018

Katie Knowles presented an introduction to Software Defined Radio (SDR) titled 'Signal Safari: Investigating RF Controls with RTL-SDR' at BSidesNYC 2018. This talk gave attendees a crash course in using SDRs to conduct their own RF investigations.

Read more

Blog

Finding the Low-Hanging Route

By Georgi Geshev on 20 December 2017

The Application Policy Infrastructure Controller Enterprise Module (APIC-EM) is Cisco's SDN controller for enterprise networks, which according to Cisco can solve a myriad of problems by leveraging many bleeding edge technologies.

Read more

Slides

Corrupting Memory In Microsoft Office Protected-View Sandbox

By Yong Chuan Koh on 23 November 2017

Yong Chuan Koh presented this talk at Microsoft BlueHat v17.

Read more

Blog

WebUSB - How a website could steal data off your phone

By Felix Schmidt on 3 October 2017

On the 5th September this year, Chrome 61 was released with WebUSB enabled as a default feature. WebUSB is a JavaScript API to allow web sites access to connected USB devices.

Read more

Slides

Biting the Apple that feeds you - macOS Kernel Fuzzing

By Alex Plaskett and James Loureiro on 25 September 2017

This talk aimed to cover the research which has been undertaken following on from the Defcon presentation on MWR's platform agnostic kernel fuzzing, to automatically identify critical flaws within Apple macOS.

Read more

Blog

“Tasking” Office 365 for Cobalt Strike C2

By William Knowles on 22 September 2017

There is much research into customised and novel Command and Control (C2) channels, although typically the public outputs of such research are standalone proof-of-concepts rather than being integrated into exisiting offensive toolkits.

Read more

Whitepaper

Kernel Driver mmap Handler Exploitation

By Mateusz Fruba on 19 September 2017

This paper aims to guide it's reader towards building a working exploit for Linux kernel driver memory mapping issues. This research was largely motivated due to the lack of public step by step documentation on how...

Read more

Slides

Land, Configure Microsoft Office, Persist

By William Knowles on 18 September 2017

One software product that red teamers will almost certainly find on any compromised workstation is Microsoft Office. This talk discussed the ways that native functionality within Office can be abused to obtain persistence.A wide range of...

Read more

Blog

Threat Information Sharing with Athena

By Jonathan Nicholas on 1 September 2017

The aim of this article is to provide an introduction to using structured Threat Intelligence (TI) formats, some of the challenges present (in particular with data transformation) and to share a tool MWR has developed to...

Read more

Slides

UAC 0day, all day!

By Ruben Boonen on 16 August 2017

In July of 2017 Ruben Boonen delivered a 4 hour workshop at DefCon on User Account Control (UAC). The workshop demonstrated fundamental design flaws in the current implementation of UAC and provided attendees with the required...

Read more

Blog

Alexa, are you listening?

By Mark Barnes on 1 August 2017

The Amazon Echo is vulnerable to a physical attack that allows an attacker to gain a root shell on the underlying Linux operating system and install malware without leaving physical evidence of tampering.

Read more

Blog

Using Windows File Auditing to Detect Honeyfile Access

By Joshua Gideon on 7 July 2017

Over the years, a vast amount of research has been focused towards honeypots. Honeypots have evolved from the traditional emulated operating system and service to include a variety of honey “things”.

Read more