Vulnerability Research on Low-Level Systems

1Password, a popular password management platform used by over 100,000 businesses, suffered a security incident after hackers gained access to its Okta ID management tenant.

Kubernetes has emerged as the go-to solution for managing containerized applications in modern software development. It offers powerful…

It's time for another round Citrix Patch Diffing! Earlier this month Citrix released a security bulletin which mentioned "unauthenticated buffer-related vulnerabilities" and two CVEs. These issues affected Citrix NetScaler ADC and NetScaler Gateway.

How to write great vulnerability reports? If you’re a security consultant, penetration tester or a bug bounty hunter these tips are for…

By Sergi Martinez Overview It’s been a while since our last technical blogpost, so here’s one right on time for the Christmas holidays. We describe a method to exploit a use-after-free in the Linux kernel when objects are allocated in a specific slab cache…

This article is in no way affiliated, sponsored, or endorsed with/by Visualware, Inc. All graphics are being displayed under fair use for the purposes of this article.

Revisiting an Old Bug: File Upload to Code Execution
A colleague recently contacted…

The Portable Executable (PE) base relocation table is crucial in Windows executable files. It handles memory addresses for functions and data, making sure the program runs well no matter where it's loaded in memory.

XWorm is a multi-purpose malware family, commonly used as RAT. This post contains a detailed analysis and walk-through the reverse-engineering process.

The installation is easy. You can download a prebuilt binary from the releases page, unpack and run! or with

Raw sockets hacking - Date: 18/12/2022

Financially motivated threat actor Octo Tempest's evolving campaigns represent growing concern for organizations across multiple industries.

Discover our testing results on an experiment named MOUSELAB, a derivation of PIPEDREAM OPC UA Module, MOUSEHOLE, to assess the impacts of its capabilities.

Disengaging Loader Lock to do anything directly from DLLMain...

Overview In an effort to safeguard our customers, we perform proactive vulnerability research with the goal of identifying zero-day vulnerabilities that are likely to impact the security of leading organizations.  We decided to focus on the F5 BIG-IP suite…

Adversaries can steal credentials, cookies and other private data from browsers using various techniques. We cover how you can simulate Credential Stealing From Browser s and detect it with your security tools. Sigma Rules Inside.

In this paper I will expose critical flaws in Akamai's implementation that lead to NTLM credential exposure. I'll demonstrate how these vulnerabilities chain across F5 infrastructure, presenting attack techniques and essential mitigations for defenders.