Will Pearce
More by Will Pearce
Adversary Simulation
Machine Learning for Red Teams, Part 1
November 14, 2018
It’s possible to detect a sandbox by applying machine learning to a process list. Learn more in this blog.
Adversary Simulation
An Approach to Bypassing Mail Filters
September 10, 2018
When the first one or two bytes of a docm file are “nulled”, some spam filters will allow a malicious document to be delivered despite it being explicitly blocked. A number of vendors have independently verified this bypass as an issue. While macro-enabled documents were the focus of our testing, the same methodology could apply to many other file types and applications.