Lately I have only published blog posts through the MDSec website. I thought it might be a good idea to link what I have published so far here as well:
- NSA Meeting Proposal for ProxyShell (view PDF)
- Covert Web Shells in .NET with Read-Only Web Paths (view PDF)
- Analysis of CVE-2020-0605 – Code Execution using XPS Files in .NET (view PDF)
- Introducing YSoSerial.Net April 2020 Improvements (view PDF)
- A Security Review of SharePoint Site Pages (view PDF)
- CVE-2020-0618: RCE in SQL Server Reporting Services (SSRS) (view PDF)
- Code injection in Workflows leading to SharePoint RCE (CVE-2020-0646) (view PDF)
COVID-19 has sadly affected many if not all of us. I hope everyone remains safe and we can all carry on the normal life we had before this crisis. Hopefully I can then publish more blog posts here as well.