VS-Labs
Security Research
Analyzing CVE-2019-1436 on Windows 10 v1903
VerSprite's Research team uncovers silently patched information leak within Win32k Windows 10 v1709 to v1903. Exploitation of this vulnerability allows attackers to leak the value of win32kbase!gahDpiDepDefaultGuiFonts. Read the N-Day vulnerability and exploit analysis here.
Exploitation of Remote WCF Vulnerabilities
In this blog, we’ll be discussing the discovery,...
Hacking an Aftermarket Remote Start System
In part two of this series, we’ll dive deeper in...
Windows Userland Application Attack Surface Enumeration
Inside the domain of vulnerability research, many ...
How Hackers Control & Steal Vehicles Remotely
The trend of automotive security research began in...
APT MiTM (Man-in-The-Middle) Package Injection
A practical approach to perform a MiTM (Man-in-The...
JSON Deserialization Memory Corruption Vulnerabilities
In this blog post, we will cover the types of memo...
Phishing for Files with Airmail 3 for Mac
Airmail 3 is a sleek and featureful alternative to...
Abusing Insecure Windows Communication Foundation (WCF) Endpoints
During an audit of several Windows VPN services, w...
Frida Engage Part Three | You Down With XPC?
In the final installment of the Frida Engage blog ...
Oh the POSsibilities – Point-Of-Sale Insecurity
Given the delicate nature of Point-of-Sale, PCI DS...
XML EXTERNAL ENTITY (XXE) Processing
According to the 2017 OWASP Top 10, XML External E...
Exploiting VyprVPN for MacOS
In this blog, we'll dive into the process of findi...
Exploiting the Dolphin Browser for Android’s Backup & Restore Feature
In this blog post, we will cover the vulnerability...
Shellcoding an Arm64 In-Memory Reverse TCP Shell with Frida
In part two of the series we are going to explore ...
Frida Engage Part One | Building an ELF Parser with Frida
In this blog series we will be covering the endles...