mr.d0x
C:\Users\mr.d0x> whoami_
Progressive Web Apps (PWAs) Phishing
June 11, 2024Phishing with Progressive Web Apps and UI manipulation
Continue Reading →
Hijacking & Spoofing Context Menu Options
March 6, 2024Hijacking SentinelOne’s “Scan For Threats” context menu option and creating your own option for persistence
Continue Reading →File Archiver In The Browser
May 22, 2023This article explores a phishing technique that emulates a file archiver software in the browser while using a .zip domain
Continue Reading →Phishing With Chromium's Application Mode
October 1, 2022In this blog post I show how Chromium’s application mode allows us to easily create realistic desktop phishing applications
Continue Reading →
Stealing Access Tokens From Office Desktop Applications
September 17, 2022Dumping tokens from Microsoft Office desktop applications’ memory
Continue Reading →Attacking With WebView2 Applications
June 21, 2022Exploring WebView2 applications and how they can be used for credential and cookie theft
Continue Reading →
Bypassing Cortex XDR
April 13, 2022Analyzing Cortex XDR and finding ways to bypass it
Continue Reading →
Tampering With ForcePoint One DLP EndPoint
April 4, 2022ForcePoint One DLP EndPoint lacks tamper protection allowing attackers to disable the product, raise privileges and establish persistence on the machine
Continue Reading →Browser In The Browser (BITB) Attack
March 15, 2022This article explores a phishing technique that simulates a browser window within the browser to spoof a legitimate domain
Continue Reading →Steal Credentials & Bypass 2FA Using noVNC
February 19, 2022Steal credentials and bypass 2FA by giving users remote access to your server via an HTML5 VNC client that has a browser running in kiosk mode
Continue Reading →