Explore passive techniques for surviving remediation and achieving eternal persistence in an AD environment.

In this post, we analyze a cluster of malicious PyPI packages targeting specific MacOS machines.

Overview CVE-2023-39143 is a path traversal vulnerability found in Papercut MF/NG, a print management solution. This particular CVE only affects Windows installations prior to version 22.1.3. With...

The service principals in Microsoft's Entra ID can be a boon for business email compromise, but they’re also a key log source for detection.

A few months ago, I stumbled upon a 24 years old buffer overflow in the glibc, the base library for linux programs. Despite being reachable in multiple well-known libraries or executables, it proved rarely exploitable — while it didn't provide much leeway…

Extension for Visual Studio Code - Add beautiful diagrams drawn on draw.io to your code
Diagram to Text

A beginner-friendly journey from a memory corruption to a browser pwn.

NOTE: This article is based off the following:

Follow along a journey to find vulnerabilities in the RPC functionaliy of ManageEngine ADAudit

Coordinated disclosure writeup about multiple vulnerabilities in Eclipse ThreadX (CVE-2024-2214, CVE-2024-2212, CVE-2024-2452).

CVE-2024-23108 Fortinet FortiSIEM Command Injection Deep-Dive and Indicators of Compromise. This blog details a command injection vulnerability which allows an unauthenticated attacker to access the FortiSIEM server as root to execute arbitrary commands.

This post, another lesson from the “Everyday Ghidra” series, walks through the process of configuring Ghidra to automatically download…

Public disclose of CloudTrail bypass vulnerabilities we've found in AWS along with our research on using non-production API endpoints for defense evasion.

Hello everyone! It’s been a while, many things happening and not much time for coding. Hard times. Nonetheless I had little time frames for playing with some stuff I would define cool enough to write some lines about it. Last time we talked about Indirect…

 

In this post we describe a vulnerability we discovered in the Ivanti LanDesk software and how it can be exploited to achieve local privilege escalation via arbitrary code execution.
Ivanti disclosed the vulnerability in their advisory on May 28th 2024…

In March 2024, the Sysdig Threat Research Team. discovered Rebirth - an increasingly popular DDoS-as-a-Service botnet.