Blog (FR)

Alice in Windowsland: 3 ways to escalate privileges and steal credentials

01.oct.2021

Liatsis Fotios, Senior Security Consultant

Read how our red team used different attack techniques to hack AppLocker restrictions by implementing escalated privileges and reusing the Credentials Manager to extract stored data and Azure information.

Multiple vulnerabilities discovered in Pyrescom Termod4 smart device

29.jan.2021

Hugo van den Toorn and Jonas Mattsson

Read how our red team outsmarted a smart time management device and discovered CVE-2020-23160, CVE-2020-23161 and CVE-2020-23162

Social distancing times are social engineering times

12.juin.2020

Martin Jartelius, CSO, Outpost24

Recently, we encountered an attacker who had taken efficient spear-phishing to an interesting and increased level of consistency and automation. We’ve also seen firsthand the speed at which this attacker learned from some initial mistakes to launch their successful attack which we identify in the examples in this blog.

Responsible disclosure: Multiple stored XSS vulnerabilities discovered in ServiceNow ITSM by Outpost24

05.mai.2020

Hugo van den Toorn, Manager Offensive Security at Outpost24

During a web application pentest by our Ghost Labs OffSec team in March last year, we discovered multiple stored cross-site scripting vulnerabilities on the widely popular ServiceNow IT Service Management software. After informing our customers, we reached out to the vendor (ServiceNow). In collaboration with them, the vulnerabilities are quickly triaged and remediated in later versions of the product. To remediate we urge users of the ServiceNow platform to upgrade to the latest stable version. We would like to thank ServiceNow’s security team for their swift and adequate response.

Tools of the trade: PiPlant, dropping it like it’s hot

23.oct.2019

Hugo van den Toorn, Manager Offensive Security at Outpost24

In this blog I will share why we use hardware implants for our Red teaming and physical penetration tests, how they work and how we make them.

Vulnerabilities discovered by Outpost24 in Oracle WebCenter Sites

07.aoû.2019

Jonas Mattsson, Ghost Labs

This post explains how the vulnerabilities in Oracle Webcenter Site were found and how they can be exploited.

Vulnerability discovered in gSOAP by Outpost24

01.avr.2019

Kristian Varnai Pettersson, Senior Security Consultant at Ghost Labs by Outpost24

When performing a penetration test, there is usually something to be found and reported on. Every once in a while, there’s a client with such great security posture that there are simply no major issues in their web application. When this happens, it can mean only one thing: we need to go deeper!

X Forwarded for SQL injection

06.fév.2019

Nikos Danopoulos, Ghost Labs

Ghost Labs performs hundreds of success tests for its customers ranging from global enterprises to SMEs. Our team consists of highly skilled ethical hackers, covering a wide range of advanced testing services to help companies keep up with evolving threats and new technologies.