Home | VerSprite Resources

Exploitation of Vulnerabilities

We are passionate about helping our clients chart a course that brings security and business together.

Domain Spoofing and Phishing Attacks 2

Blog Post

Phishing Attacks

Domain Spoofing and Phishing Attacks

Minimize phishing cyberattacks and prevent domain spoofing with these three settings: SPF, DKIM, and DMARC.

Learn more

PCI DDS 4.0

Blog Post

Exploitation of Vulnerabilities

PCI DSS 4.0: What You Need to Know and What You Need to Do

The PCI DSS 4.0 deadlines are fast approaching. Is your company ready? In the article below, find out what you need to do to stay compliant.

Learn more

Artificial Intelligence

Blog Post

Exploitation of Vulnerabilities

AI and Cybersecurity: Threats and Opportunities

In this article, we’ll discuss the benefits and threats of AI and machine learning tools in cybersecurity applications.

Learn more

Chrome Exploit

Blog Post

Exploit Development

Chrome Exploitation:

To teach Chrome exploitation to my team, I’ve selected a previous 0day RCE that I found last year for my company VerSprite: CVE-2021-21224 https://crbug.com/1195777, and I’ve paired it with a SBX bug found by Tim Becker: https://crbug.com/1062091.

Learn more

Printer Vulnerability

Blog Post

Exploitation of Vulnerabilities

Printer Spooler Bug Research

In this blog, we dive into and show how attackers could combine the 0day CVE-2020-0986 with the 0day in IE browser to achieve privilege escalation and then execute code remotely. Now, Maddie Stone, a security researcher on Google’s Project Zero team, found that an attacker can still trigger CVE-2020-0986 and elevate kernel privileges by sending an offset instead of a pointer.

Learn more

Windows Vulnerability

Blog Post

security research

Windows Kernel Drive Vulnerability Research: CVE-2020-17087

in this blog, we show POC Windows LPE CNG.sys CVE-2020-17087: root cause + patch analysis + reduction of crashing sample to be a 1 liner

Learn more

Cyber Attacks on Smart Cars

Blog Post

Cyber Attacks on Smart Cars Using SDR

The aim of this research is to uncover the vulnerabilities of the keyless smart cars as well as to hack and exploit them through the technologies like software defined radio (SDR) and devices GNURadio and HackRF.

Learn more

Android

Blog Post

security research

Exploring Android Vulnerabilities and Binder: Part II Building POC Code with Android NDK

This blog continues Part I of the android exploitation experiment. We build a proof-of-concept code with an Android NDK. UAF vulnerability (CVE-2019-2215)

Learn more

Android Vulnerability

Blog Post

Exploring Android Vulnerabilities and Binder: Part I

This blog post will trigger a UAF vulnerability (CVE-2019-2215) in Binder from scratch. After preparing the necessary environment and tools, we will reach the KASAN output with the POC exploit.

Learn more

We are an international squad of professionals working as one.

Email

[email protected]

logos