Headset0161 513 0960
Bypassing Windows Defender

Bypassing Windows Defender with Environmental Decryption Keys

In our latest technical blog, Juanjo - an accomplished Security Consultant here at Secarma - takes y...

modern process injection

Process Injection Part 2: Modern Process Injection

In our last blog, Brandon - a member of our highly skilled Red Team here at Secarma - took us throug...

process injection

Process Injection Part 1: The Theory

Process injection is a defence evasion technique that any skilled penetration tester needs in their ...

MSBuild beat CrowdStrike

Three ways of using MSBuild to beat CrowdStrike

In this blog, Brandon – one of our Testing Consultants here at Secarma and an all-round Red Teamin...

SSL/TLS Misconfigurations

Understanding Common SSL/TLS Misconfigurations

In this blog, Thomas – one of our Testing Team Leads here at Secarma – takes you through the ins...

Testing Compiled Applications

In this blog, Joe – one of our Testing Team Leads here at Secarma – takes you through his metho...

chaining vulnerabilities

Chaining Vulnerabilities for Account Takeover  

A vulnerability scan can help you find and fix key issues within your systems - and this automated p...

RootBeer Library

Bypassing Android’s RootBeer Library (Part 2)

In the first part of this post, I discussed one method to bypass RootBeer Library through code manip...

Using Visual Studio Code Extensions for Persistence

With Visual Studio Code being the tool of choice in most development environments (I know, I love ...

Consul API

Escaping Restricted Shell through Insecure Consul API

In this blog, the Secarma Labs team provide an overview on escaping restricted shell through insecur...