Komodo ConsultingThe Army Of The Headless BrowsersHow Facebook infrastructure can be used to perform DDoS.Jun 29, 2022Jun 29, 2022
Komodo ConsultingFILELESS ADWARE VIA WEB PUSH NOTIFICATIONSOne push too far / part 1Jun 29, 2022Jun 29, 2022
Komodo ConsultingIs Macro Malware Dead?To answer the question, of whether this is the end of Macro Malware, we must go on a short journey:Jun 21, 2022Jun 21, 2022
Komodo ConsultingYOUR W-2 FORM IS WANTED FOR PHISHINGTraditionally, tax season opens by the end of January and…W-2 Fraud SampleMay 28, 2022May 28, 2022
Komodo ConsultingTHE ARMY OF THE HEADLESS BROWSERSHow Facebook infrastructure can be used to perform DDoS.May 28, 20221May 28, 20221
Komodo ConsultingPlaying with Connected Files: a story of the mysterious behavior in Windows file-systemA while back, I was working on some offline HTML files using Microsoft’s Office Word for some side project. I simply created an empty file…Apr 28, 2022Apr 28, 2022
Komodo ConsultingBypassing CrowdStrike in an enterprise production network [in 3 different ways]EDR solutions and specifically CrowdStrike Falcon are giving us a hard time recently. It seemed that no matter how covert we tried to be, a…Apr 28, 20221Apr 28, 20221
Komodo ConsultingWhat Are The Best Practices in Third-Party Risk Management?Check out the following best practices for third-party risk management:Feb 21, 2022Feb 21, 2022
Komodo ConsultingWhat Are The Main Aims of Penetration Testing?Before deciding to go for a simulated attack on network infrastructure, it is better to know what it is actually meant for. Also, it is…Feb 21, 2022Feb 21, 2022
Komodo ConsultingAn Accidental SSRF Honeypot in Google CalendarThis is a story of what both I and Google engineers considered to be an SSRF vulnerability in Google Calendar — but turned out to be some…Feb 21, 2022Feb 21, 2022