top of page
BLOG
Search
Komodo Research
Jul 18, 20193 min read
Playing with Connected Files: a story of mysterious behavior in Windows file-system
A while back, I was working on some offline HTML files using Microsoft’s Office Word for some side project. I simply created an empty...
1,524 views0 comments
Komodo Research
Jun 25, 20196 min read
WHY RED-TEAM?
What is Security Red-Team?
A security red-team is a test that aims to assess the security level of an organization, identify main weaknesses
777 views0 comments
![Bypassing CrowdStrike in an Enterprise Production Network [in 3 Different Ways]](https://static.wixstatic.com/media/3184af_b8a92681773e47e5b85825eaa4f2baa9~mv2_d_5500_3671_s_4_2.jpg/v1/fill/w_1816,h_1364,fp_0.50_0.50,q_90,enc_auto/3184af_b8a92681773e47e5b85825eaa4f2baa9~mv2_d_5500_3671_s_4_2.jpg)
Komodo Research
Jun 12, 20197 min read
Bypassing CrowdStrike in an Enterprise Production Network [in 3 Different Ways]
Bypassing CrowdStrike in an enterprise production network EDR solutions and specifically CrowdStrike Falcon are giving us a hard time...
52,478 views1 comment
Komodo Research
May 30, 20193 min read
When all else fails - find a 0-day
How a failing red-team engagement led us to find a silly zero day.
And why “insecure by default” is still an issue in 2019.
8,251 views20 comments
Komodo Research
Apr 25, 20193 min read
Through the cloud – remote debugging to crack MQ
In a simple penetration test the tester is presented with a target, say a web application, and attacks it from his workstation. However,...
773 views0 comments
![AV WARS: Fighting fire with fire [AV Bypass Technique]](https://static.wixstatic.com/media/3184af_2113a1d0165d4927a8ec9efe3dbeeb6e~mv2.png/v1/fill/w_316,h_312,fp_0.50_0.50,lg_1,q_95,enc_auto/3184af_2113a1d0165d4927a8ec9efe3dbeeb6e~mv2.png)
Komodo Research
Apr 11, 20194 min read
AV WARS: Fighting fire with fire [AV Bypass Technique]
Back when I started doing red team engagements for Komodo, bypassing AV solutions was quick and trivial, almost a ‘non-brainer.’ Just...
2,592 views0 comments
bottom of page