VS-Labs
Security Research
Analyzing CVE-2019-1436 on Windows 10 v1903
VerSprite's Research team uncovers silently patched information leak within Win32k Windows 10 v1709 to v1903. Exploitation of this vulnerability allows attackers to leak the value of win32kbase!gahDpiDepDefaultGuiFonts. Read the N-Day vulnerability and exploit analysis here.
Razer Synapse 3 Security Vulnerability Analysis Report
This ungated Vulnerability Analysis Report outline...
Windows Named Pipes Part 4: Taking a Trip Down Static Analysis Lane
In the last iteration of our four-part series, Ve...
Part 3: Reversing & Exploiting Custom Windows Named Pipe Servers
In part three of this four-part series, VerSprite'...
VerSprite Cyberwatch
VerSprite's Threat Intelligence team releases real...
Reversing Stories: Updating the Undocumented ESTROBJ and STROBJ Structures for Windows 10 x64
Have you ever come across undocumented Windows str...
Investigating Microsoft Windows Vulnerability CVE-2019-1169
VerSprite recently investigated CVE-2019-1169, a N...
Automating CVE-2019-1436 Variant Analysis: An Intro to Detecting Information Leaks via IDAPython
After investigating an information leak within Win...
Part II: Analysis of a Vulnerable Microsoft Windows Named Pipe Application
In part II of this three-part series, we dive deep...
Part I: The Fundamentals of Windows Named Pipes
In this three-part blog series, we will discuss th...
Analyzing CVE-2019-1436 on Windows 10 v1903
VerSprite's Research team uncovers silently patche...
Utilizing Reverse Proxies to Inject Malicious Code & Extract Sensitive Information
Utilizing reverse proxies offers a more advanced a...
Waves Maxx Audio DLL Side-Loading LPE via Windows Registry
When performing vulnerability research, it is esse...
Digging up the Past: OS X File Versioning
In this case study of OS X digital forensics, we w...
Exploitation of Remote WCF Vulnerabilities
In this blog, we’ll be discussing the discovery,...
Hacking an Aftermarket Remote Start System
In part two of this series, we’ll dive deeper in...