mr.d0x
C:\Users\mr.d0x> whoami_
Capturing Camera & Mic Using Chromium Browsers
June 3, 2025This blog explores another Chromium command line flag that can be used to spy on a user by continuously taking pictures through their camera and recording their microphone audio
Continue Reading →
Capturing Screen Activity Using Chromium Browsers
June 2, 2025This blog explores a Chromium command line flag and how it can be used to spy on a user by continuously taking screenshots of their screen
Continue Reading →Progressive Web Apps (PWAs) Phishing
June 11, 2024Phishing with Progressive Web Apps and UI manipulation
Continue Reading →
Hijacking & Spoofing Context Menu Options
March 6, 2024Hijacking SentinelOne’s “Scan For Threats” context menu option and creating your own option for persistence
Continue Reading →File Archiver In The Browser
May 22, 2023This article explores a phishing technique that emulates a file archiver software in the browser while using a .zip domain
Continue Reading →Phishing With Chromium's Application Mode
October 1, 2022In this blog post I show how Chromium’s application mode allows us to easily create realistic desktop phishing applications
Continue Reading →
Stealing Access Tokens From Office Desktop Applications
September 17, 2022Dumping tokens from Microsoft Office desktop applications’ memory
Continue Reading →Attacking With WebView2 Applications
June 21, 2022Exploring WebView2 applications and how they can be used for credential and cookie theft
Continue Reading →
Bypassing Cortex XDR
April 13, 2022Analyzing Cortex XDR and finding ways to bypass it
Continue Reading →
Tampering With ForcePoint One DLP EndPoint
April 4, 2022ForcePoint One DLP EndPoint lacks tamper protection allowing attackers to disable the product, raise privileges and establish persistence on the machine
Continue Reading →