It’s merged into master if you want to test it — feedback welcome 🪂

If you want to quickly check whether the guest account is enabled, you can now do it with NetExec. This is not enabled by default you need to set the custom flag check_guest_account in your nxc.conf file. Maybe one day it will be set to true by default 🪂

We are now on Reddit (r/exegol) 👐 Find valuable community posts, share your tips and tricks, ask questions! reddit.com/r/exegol NB: official support stays on our Discord server

QOL: Introducing NetExec module categories 📚 With NetExec’s rapid growth, the number of modules has increased significantly. To give a clearer overview, I’ve added categories. It’s a “best fit” approach, so not perfect, but should give a better idea of what’s available.

My blog is back online \o/ The new domain is alice.climent.red

Haiti: A CLI tool (and library) to identify hash types (hash type identifier). GitHub: github.com/noraj/haiti

First look at the dynamic hash-mode support in upcoming hashcat, powered by the new Rust Bridge. No coding needed: write your pattern on the command line. Don't want to wait for Release? Try it now via GitHub master or hashcat.net/beta. Feedback welcome on our Discord

ring ring... who is it? a bucket of sand to bury your head in. Join us today on our journey through FreePBX's CVE-2025-57819, as we chain unusual behaviour to demonstrate the auth bypass, to SQLi, to RCE, used in-the-wild. labs.watchtowr.com/you-already-ha…

Caido is now integrated in Exegol! If you don't want to worry about installing and maintaining tools but you don't like full fledge OS like Kali/Parrot, Exegol might be right balance for you 🔥

🇫🇷 (fr) nouveau vlog black hat et def con 📷 youtu.be/ja92NoNxqHk

GoAnywhere MFT, CVE-2025-10035, conspiracy theories, quiet advisory updates and IoCs with no ITW exploitation. Welcome back. labs.watchtowr.com/is-this-bad-th…

> Replace all appliancation DLLs with malicious ones > Find ✨0days✨ > Sell them to vendors > Infinite money

Look at all the CVEs I found

90min workshop, at GreHack infosec conf Ticket available tomorrow 10AM Bring a laptop 💻, we'll take care of the rest

Happy Friday! Enjoy our analysis of CVE-2025-36604, a pre-auth Command Inj in Dell's UnityVSA that we discovered and reported in March. labs.watchtowr.com/its-never-simp…

A new NetExec module: certipy-find🔥 As ADCS is still configured insecurely in many environments, I decided to integrate the certipy find command into NetExec. Now you can quickly find and enumerate vulnerable templates before bringing out the big guns.

The watchTowr Labs team is back, providing our full analysis of the Oracle E-Business Suite Pre-Auth RCE exploit chain (CVE-2025-61882). Enjoy with us (or cry, your choice..) labs.watchtowr.com/well-well-well…

Free image has been updated 🚀 It's much lighter (-10GB), great bump in tools version, better exegol history utility `exegol update free`

Today, we publish our analysis of CVE-2025-3600 that we discovered in Telerik UI, a prolific library used in hundreds of thousands of applications. Tagged as a Denial of Service vulnerability, today we go deeper and demonstrate RCE scenarios.. labs.watchtowr.com/more-than-dos-…

CVE-2025-11371