Josh GrahaminTSS - Trusted Security ServicesPenetration testing & window.opener — XSS vectors part 2tldr; opener.location.* and the onhashchange event are XSS vectors. XSS exists in old versions of reveal.js.Jun 4, 2019Jun 4, 2019
Josh GrahaminTSS - Trusted Security ServicesBloodHound.xpab — Applocker bypassA few weeks ago I created a proof of concept XAML browser application (XBAP) that demonstrates Presentationhost.exe bypassing default…Feb 11, 2019Feb 11, 2019
Josh GrahaminTSS - Trusted Security ServicesPenetration testing & window.opener — XSS vectors part 1This is the first part of a four part series discussing security concepts related to the JavaScript opener variable (almost all the…Dec 4, 20181Dec 4, 20181
Josh GrahaminTSS - Trusted Security ServicesCyberlympics 2018 — DNS covert channelI was fortunate enough to participate in the Cyberlympics this year with the TSS CTF team. There was some tough competition and after…Nov 8, 2018Nov 8, 2018
Josh GrahaminTSS - Trusted Security ServicesAppLocker Bypass — presentationhost.exePresentationhost.exe appears on several AppLocker whitelist bypass lists (e.g. api0cradl and milkdevil) but I wasn’t able to find any good…Oct 19, 2018Oct 19, 2018
Josh GrahaminTSS - Trusted Security ServicesPentesting and .hta (bypassing PowerShell Constrained Language Mode)When I’m on an engagement and I’m given a SOE and a domain account, I usually want to use a tool like PowerShell Empire to remotely…Oct 5, 20181Oct 5, 20181
Josh GrahamBluehat CTF — MindblowI had the chance to play the Bluehat CTF this year made by Jonathan Bar Or. This blog will discuss the way I solved the Regex JavaScript…Oct 2, 2018Oct 2, 2018
Josh GrahamBluehat CTF — ThreeSeconds (captcha solver)I had the chance to play the Bluehat CTF this year made by Jonathan Bar Or. This blog will discuss the way I solved the web challenge…Oct 2, 2018Oct 2, 2018
Josh GrahamBluehat CTF — MatrixBrowserI had the chance to play the Bluehat CTF this year made by Jonathan Bar Or. This blog will discuss the way I solved the web challenge…Oct 2, 2018Oct 2, 2018
Josh GrahamBlueHat CTF — Q29VA2LLI had the chance to play the Bluehat CTF this year made by Jonathan Bar Or. This blog will discuss the way I solved the webchallenge…Oct 2, 2018Oct 2, 2018