mr.d0x

C:\Users\mr.d0x> whoami_

Twitter Recap - Part 1

January 8, 2022

This is the start of a Twitter recap series which highlights interesting or useful posts that never made it to the blog

Continue Reading →

Phishing With Spoofed Cloud Attachments

December 31, 2021

Abuse the way O365 Outlook renders cloud attachments to make malicious executable cloud attachments look like harmless files

Continue Reading →

Microsoft Teams Abuse

December 10, 2021

UPDATED: With the announcment that MS Teams allows users outside of an organization to message users, I revisited Teams and added new techniques

Continue Reading →

Abusing Google Drive's Email File Functionality

November 17, 2021

Google Drive’s email file functionality can be used to send phishing emails via the google.com domain

Continue Reading →

Spoofing Calendar Invites Using .ics Files

November 2, 2021

A new technique showing how an attacker can create calendar invites with spoofed attendees

Continue Reading →

Introduction to Parent-Child Process Evasion

October 22, 2021

Simple changes in process relationship could bypass certain security solutions

Continue Reading →

Phishing With Google's Domain

October 20, 2021

A quick and easy way to bypass link analyzers by hiding behind Google’s domain.

Continue Reading →

Spoofing Vulnerabilities In GDrive and OneDrive

October 20, 2021

Google Drive and OneDrive contain spoofing vulnerabilities that can aid attackers with phishing

Continue Reading →

Leveraging VirtualBox During Engagements

August 4, 2021

If you run into VirtualBox on a machine during an engagement try some of these methods

Continue Reading →

Easy Bounty With Exposed Buckets & Blobs

July 26, 2021

A simple guide on finding exposed AWS S3 buckets and Azure Blobs

Continue Reading →