Here at watchTowr, we just love attacking high-privilege devices (and spending hours thinking of awful noscripts [see above]).

A good example of these is the device class of ‘next generation’ firewalls, which usually include VPN termination functionality (meaning…

Technical deep-dive, indicators of compromise, and exploit POC for CVE-2023-34051 which affects VMware vRealize Log Insight RCE as reported in VMSA-2023-0021. This vulnerability leads to remote code execution and full system compromise.

VSS Hardware Hacking Wiki and Blog Entries

About The Project Modern Software Development environments have significant debugging capabilities to troubleshoot issues with the complex nature of modern software . These debugging capabilities typically manifest in Interactive Development Environment (IDE)…

Doing security research we are constantly setting up local installations of software we are testing, and running many noscripts and utilities. To avoid risking or polluting our computer with this, we do most things isolated in virtual machines or containers.…

Several months ago, the Constrast Security Team reported a Java deserialization vulnerability about Spring Kafka to VMWare Security Team. It immediately attracted my attention and I got started to ana

CVE-2013-4786 Go exploitation tool. Contribute to fin3ss3g0d/CosmicRakp development by creating an account on GitHub.

A recently disclosed CVE for the Orthanc DICOM server can be used to obtain Remote Code Execution. As a PoC was not available, we wrote one.

Lately I’ve been conducting research into […]

It's time for another round Citrix Patch Diffing! Earlier this month Citrix released a security bulletin which mentioned "unauthenticated buffer-related vulnerabilities" and two CVEs. These issues affected Citrix NetScaler ADC and NetScaler Gateway.

How to write great vulnerability reports? If you’re a security consultant, penetration tester or a bug bounty hunter these tips are for…

🔐 A CLI tool to extract server certificates. Contribute to Hakky54/certificate-ripper development by creating an account on GitHub.

Discover vulnerability assessment using artificial intelligence: start using the new AI score as a second opinion, don't rely on the CVSS score alone.

Tenable® Holdings, Inc., the Exposure Management company, today announced it has closed its acquisition of Ermetic, Ltd. (“Ermetic”), an innovative cloud-native application protection platform (CNAPP) company, and a leading provider of cloud infrastructure…