Β Carrie RobertsΒ // My current favorite exploit is creating malicious outlook rules as described here. The rule is configured to download an executable file with an EXE extension (.exe) when an [β¦]
The post Malicious Outlook Rule without an EXE appeared first on Black Hills Information Security, Inc..
Β Carrie RobertsΒ // Getting a shell using a malicious Outlook rule is an awesome tool during a pentest and great fun! Nick Landers had a great postΒ including enough information to make [β¦]
The post Malicious Outlook Rules in Action appeared first on Black Hills Information Security, Inc..
Carrie Roberts // There are various reasons why having a webDAV server comes in handy. The main reason I created one was to execute a malicious Outlook rule attack as [β¦]
The post Deploying a WebDAV Server appeared first on Black Hills Information Security, Inc..
Beau Bullock // Full Disclosure:Β Black Hills Information Security believes in responsible disclosure of vulnerabilities. This vulnerability was reported to Microsoft on September 28th, 2016. As of the publication date of [β¦]
The post Bypassing Two-Factor Authentication on OWA & Office365 Portals appeared first on Black Hills Information Security, Inc..
Login