TSS - Trusted Security Services

TSS is a leading cyber security company founded by former Australian Government security specialists. This blog is a way for TSS staff to contribute back to the security industry.

    NOC NOC. Who’s there? Your NMS is pwned.

    By xerubus
    TSS
    Apr 8, 2020
    Penetration testing & window.opener — XSS vectors part 2

    tldr; opener.location.* and the onhashchange event are XSS vectors. XSS exists in old versions of reveal.js.
    Josh Graham
    Jun 3, 2019
    CTF Writeup — You Shall Not Pass

    BSides Canberra 2019 — Reverse Engineering
    Tom
    Mar 18, 2019
    Under Cover of Darkness

    Practical considerations for (legally) breaking and entering.
    Tom
    Feb 12, 2019
    BloodHound.xpab — Applocker bypass

    A few weeks ago I created a proof of concept XAML browser application (XBAP) that demonstrates Presentationhost.exe bypassing default…
    Josh Graham
    Feb 11, 2019
    Cyberlympics 2018 — Finals

    Wherein the team travels to Atlanta to open a padlock without touching it.
    Tom
    Jan 21, 2019
    Multiple Security Vulnerabilities in Dell EMC Avamar

    In this post I’ll cover four different CVEs identified by myself and a colleague from TSS.
    Jarrod Farncomb
    Jan 7, 2019
    Penetration testing & window.opener — XSS vectors part 1

    This is the first part of a four part series discussing security concepts related to the JavaScript opener variable (almost all the…
    Josh Graham
    Dec 3, 2018
    Cyberlympics 2018 — DNS covert channel

    I was fortunate enough to participate in the Cyberlympics this year with the TSS CTF team. There was some tough competition and after…
    Josh Graham
    Nov 8, 2018
    XSS in Dynamics 365

    I recently tested an application hosted within Microsoft’s Dynamics 365 online services platform. During the test I discovered a…
    Tim Kent
    Nov 5, 2018
    AppLocker Bypass — presentationhost.exe

    Presentationhost.exe appears on several AppLocker whitelist bypass lists (e.g. api0cradl and milkdevil) but I wasn’t able to find any good…
    Josh Graham
    Oct 19, 2018
    Pentesting and .hta (bypassing PowerShell Constrained Language Mode)

    When I’m on an engagement and I’m given a SOE and a domain account, I usually want to use a tool like PowerShell Empire to remotely…
    Josh Graham
    Oct 4, 2018
    BlueHat 2018 CTF

    I had the chance to play Jonathan Bar Or’s BlueHat CTF this year. Because I didn’t know anyone, I asked to be allocated to a random team…
    Josh Graham
    Oct 1, 2018
    Cyberlympics 2018

    Earlier in August, the remaining TSS team members who weren’t representing in Vegas for DEF CON competed in the Global Cyberlympics 2018…
    Jeremy Goldstein
    Aug 23, 2018
    DEF CON 2018

    TSS will be representing in the Las Vegas area for #HackerSummerCamp this year, with a few of our team members speaking at the various…
    Glenn 'devalias' Grant
    Aug 8, 2018
    Adversary Mindset

    TSS' Inaugural Red Team Training
    Tom
    Jul 31, 2018

    The “billion silent laughs” attack — That time Incapsula was vulnerable to a DoS attack

    By Joshua Graham (@JPG1nc)
    TSS
    Jun 25, 2018
    Ruxcon 11 [Pwnable 2] Write Up

    By Tom Ravenscroft - Small batch artisanal hax0r and security specialist
    TSS
    Jan 31, 2018

    Atlassian Confluence: Cross-Site Scripting (XSS) (CVE-2017–16856)

    Earlier this year I spent some time delving into Atlassian Confluence to see if I could dig up any bugs that had slipped through the…
    Glenn 'devalias' Grant
    Dec 4, 2017