I have recently been in the V8 vulnerability research/exploitation topic and in this post I will briefly talk about the key points at the very start of the study:

🚨Exploit for Pandora FMS Remote Code Execution CVE-2024-11320 darkwebinformer.com/exploit-for-pa…

Credit: Askar

I’ve published a new blog post featuring a technical analysis of CVE-2024-11320 a Remote Code Execution vulnerability in PandoraFMS. This is the first post in a two-part series. In this part, I focus on a manual approach to analyzing the bug, while the second part will

code auditing for exploitable bugs is a lot of labor. building fuzzers to find exploitable bugs is a lot of labor. stop trying to find shortcuts. expect to put in a lot of time and sustained effort. can’t be frustrated when you haven’t put in the effort

Since mspaint.exe has become a Universal Windows App (booo!) I have since found a sweet sweet replacement for the pwns!

Beautiful PHP app pwn, textbook failure: karmainsecurity.com/KIS-2025-01 😎

Recently, I've been working on a new modular tool for enumerating and attacking a few Attlassian products such as Confluence, Jira, and Crowd on scale. It helps enumerate instances, detect SSO misconfiguration, perform brute-force and password spraying, exploit published

I just published a new blog post exploring how to leverage the powerful Replit AI platform to tunnel your C2 channel through their infrastructure by building and deploying redirectors using their AI agent. It's a fresh method that red teamers and offensive engineers can

Recently, I came across Traefik.io while looking for a nicer way to reverse proxy traffic to my local containers instead of using Apache/Nginx to handle that, and it’s been super useful. If you’re doing vulnerability research across multiple products or building a

During a weekend research time, I found an interesting unauthenticated RCE in a python-based assets management software. Auditing the codebase was a fun challenge due to the software design, Hopefully, I'll be able to share more details about this bug soon. Meanwhile, if you

Happy Friday! We're ending the week by publishing our analysis of Fortinet's FortiWeb CVE-2025-25257.... labs.watchtowr.com/pre-auth-sql-i…

Tired of noisy alerts or missed threats? This cheat sheet breaks down 🔟 key SIEM use cases: ✅ What to detect 📂 Required logs 🧠 Rule logic 🎯 MITRE mapping 📌 Save for your blue team kit 👥 Follow for more SOC tips #SIEM #SOC #CyberSecurity #DFIR #BlueTeam

I finalized a tool called JinjaPwn, a web-based tool for generating and testing malicious Jinja2 expressions to weaponize SSTI in offensive ops. Mainly focuses on command execution, C2 agent deployment, and other actions. github.com/mhaskar/JinjaP… #redteam #pentesting #offsec

I disconnected a bit over the weekend and conducted a code review against a Robotic Process Automation (RPA) software and found an interesting RCE 0-day chain in their latest version. The chain combined Broken Access Control (BAC) with a file upload flaw. For me, these kinds of

That's awesome work as usual from Dominic Chell 👻 and team. That will open up the door for operators to implement really cool stuff.

I got some time this evening to play with an idea that has been on my mind for a while to utilize GitHub Firehose (lnkd.in/eqs3f_8q) to monitor public code pushes in real time searching for unsafe functions for a specific language, generic keywords or secrets pushed