Having Fun with ActiveX Controls in Microsoft Word

Marcello Salvati// During Red Team and penetration tests, it’s always important and valuable to test assumptions. One major assumption I hear from Pentesters, Red teamers and clients alike is that most networks (or their own network) block outbound SMB traffic. In my phishing payloads, I always try to inject a UNC path: If macros are […]

Read the entire post here