mscoree.dll, RunDll32ShimW lolbin www.hexacorn.com/blog/2025/05...

[Blog] This ended up being a great applied research project with my co-worker Dylan Tran on weaponizing a technique for fileless DCOM lateral movement based on the original work of James Forshaw. Defensive recommendations provided. - Blog: ibm.com/think/news/f... - PoC: github.com/xforcered/Fo...

I am excited to announce the first conference dedicated to the offensive use of AI in security! Request an invite at offensiveaicon.com. Co-organized by RemoteThreat, Dreadnode, & DEVSEC.

In this blog post, I explain how I was able to create a PowerShell console in C/C++, and disable all its security features (AMSI, logging, transcription, execution policy, CLM) in doing so. 💪 👉 blog.scrt.ch/2025/02/18/r...

New blog post on the abuse of the IDispatch COM interface to get unexpected objects loaded into a process. Demoed by using this to get arbitrary code execution in a PPL process. googleprojectzero.blogspot.com/2025/01/wind...

You can find our @shmoocon.bsky.social presentation slides at the below GitHub repo. Thanks again to all that attended. Also, thank you to the conference organizers for putting on a great con and having us! #shmoocon github.com/h4wkst3r/Con...