BLOG

Komodo Research

Jul 18, 20193 min read

Playing with Connected Files: a story of mysterious behavior in Windows file-system

A while back, I was working on some offline HTML files using Microsoft’s Office Word for some side project. I simply created an empty...

1,517 views0 comments

Komodo Research

Jun 25, 20196 min read

WHY RED-TEAM?

What is Security Red-Team? A security red-team is a test that aims to assess the security level of an organization, identify main weaknesses

777 views0 comments

Komodo Research

Jun 12, 20197 min read

Bypassing CrowdStrike in an Enterprise Production Network [in 3 Different Ways]

Bypassing CrowdStrike in an enterprise production network EDR solutions and specifically CrowdStrike Falcon are giving us a hard time...

52,227 views1 comment

Komodo Research

May 30, 20193 min read

When all else fails - find a 0-day

How a failing red-team engagement led us to find a silly zero day. And why “insecure by default” is still an issue in 2019.

8,234 views20 comments

Komodo Research

Apr 25, 20193 min read

Through the cloud – remote debugging to crack MQ

In a simple penetration test the tester is presented with a target, say a web application, and attacks it from his workstation. However,...

772 views0 comments

Komodo Research

Apr 11, 20194 min read

AV WARS: Fighting fire with fire [AV Bypass Technique]

Back when I started doing red team engagements for Komodo, bypassing AV solutions was quick and trivial, almost a ‘non-brainer.’ Just...

2,590 views0 comments