While DLL hijacking attacks can take on many different forms, this blog post will explore a specific type of attack called DLL proxying, providing insights into how it works, the potential risks it poses, and briefly the methodology for discovering these vulnerable DLLs, which led to the discovery of several zero-day vulnerable DLLs that Microsoft has acknowledged but opted to not fix at this time.

The post Proxying Your Way to Code Execution – A Different Take on DLL Hijacking  appeared first on Black Hills Information Security, Inc..

The Challenge As stated in PART 1 of this blog, the Windows endpoint defense technology stack in a mature organization represents a challenge for Red Teamer initial access operations. For […]

The post Initial Access Operations Part 2: Offensive DevOps appeared first on Black Hills Information Security, Inc..

Joff Thyer // Editor’s Note:  This is part 2 of a 3 part series.  Part 1 discussed configuring your virtual machine engine and virtual hardware emulation.  Part 2 (this part) covers […]

The post Android Dev & Penetration Testing Setup – Part 2: Installing Android Studio appeared first on Black Hills Information Security, Inc..

Joff Thyer // Editor’s Note:  This is part 1 of a 3 part series.  Part 1 will discuss configuring your virtual machine engine and virtual hardware emulation.  Part 2 covers installing […]

The post Android Dev & Penetration Testing Setup – Part 1 appeared first on Black Hills Information Security, Inc..