Citrix Gateway: Launch, Authentication, Policies and Endpoint Analysis (EPA)

Introduction This article provides a summary of some of the useful resources about how to investigate, troubleshoot, and prevent the most common issues related to launching a session on Citrix Gateway. This article includes links intended to help with topics which are related to Authentication, t...

Velociraptor Version 0.6.4: Dead Disk Forensics and Better Path Handling Let You Dig Deeper

Rapid7 is pleased to announce the release of Velociraptor version 0.6.4 – an advanced, open-source digital forensics and incident response DFIR tool that enhances visibility into your organization’s endpoints. This release has been in development and testing for several months now and has a lot o...

How to Deploy Citrix Gateway Plug-in and Endpoint Analysis Installer Packages for Windows by Using Active Directory Group Policy

This article contains information about deploying the Citrix Gateway Plug-in and Endpoint Analysis EPA Microsoft Installer MSI packages for Windows by using an Active Directory Group Policy. If users do not have administrative privileges to install the Citrix Gateway Plug-in and EPA Plug-in on th...

Using MixMode and Carbon Black to Spot a Watering Hole Attack

For those not familiar with watering hole attacks, they are attacks on a specific place—such as a restaurant—that many people visit. They generally involve malicious code being injected into an iframe on the company’s website. In the case of a restaurant, for example, the online menu would be a...

Happy IR in the New Year!

At the end of last year Mr. Jake Williams from aka @MalwareJake asked a very important question about Lack of visibility during detecting APT intrusions in twitter. Results show us that endpoint analysis is the most important part of any research connected with APTs. Also, for sure endpoint...

REDDOXX Appliance Build 2032 / 2.0.625 - Arbitrary File Disclosure

Advisory: Arbitrary File Disclosure with root Privileges via RdxEngine-API in REDDOXX Appliance RedTeam Pentesting discovered an arbitrary file disclosure vulnerability in the REDDOXX appliance software, which allows unauthenticated attackers to list directory contents and download arbitrary file...

Configure post-authentication Endpoint Analysis scan as factor in Citrix ADC nFactor auth

For detailed information refer to Citrix Documentation -Configure post-authentication Endpoint Analysis scan as a factor in Citrix ADC nFactor authentication...

How to Configure Device Certificate on Citrix Gateway for Authentication

Adevice certificateverifies that a user device is allowed to connect to the internal network. NetScaler Gateway supports device certificates that enable you to bind the device identity to a public key. Notes : You must install NetScaler Gateway 10.1, Build 120.1316.e or later or 10.5.e.x or 10.5....

Buffer overflow

Multiple unspecified vulnerabilities in 1 Net6Helper.DLL aka Net6Launcher Class 4.5.2 and earlier, 2 npCtxCAO.dll aka Citrix Endpoint Analysis Client in a Firefox plugin directory, and 3 a second npCtxCAO.dll aka CCAOControl Object before 4.5.0.0 in Citrix Access Gateway Standard Edition before...

CVE-2007-4013

CVE-2007-4013 covers multiple unspecified vulnerabilities in Net6Helper.DLL (Net6Launcher Class, 4.5.2 and earlier) and in npCtxCAO.dll (Citrix Endpoint Analysis Client) in a Firefox plugin directory, plus a second npCtxCAO.dll (CAAOControl Object) in Citrix Access Gateway Standard Edition before...