Blog posts

Detailed technical analysis of content spoofing (CVE-2026-20732) and SSRF-style reconnaissance security exposure discovered in F5 BIG-IP version 17.1.2.2. This assessment demonstrates how authenticated attackers can exploit administrative interfaces for UI manipulation and network reconnaissance.

This article explores advanced techniques for automating SAP GUI interactions using Python and Windows API. It demonstrates how to manage window focus, navigate dynamic fields, and simulate keystrokes at the OS level - offering a robust alternative to SAP scripting in restricted environments. Through practical examples and a detailed analysis of script execution, readers will learn how to streamline SAP login processes, improve reliability, and integrate SAP GUI automation into broader workflows.

In the second part of this series, we delve into automated reconnaissance and attacks within the Java RMI framework. Leveraging the RMI interface/server introduced in Part One, we explore practical techniques for penetration testing. This installment aims to equip pentesters with essential skills for efficient RMI exploitation.

This article is a comprehensive guide to testing and exploiting Java deserialization in 2021. It provides valuable insights and practical tips based on the author’s experience in Java application penetration testing. As Java environments evolve, the article addresses the question of whether Java deserialization remains a threat or if patches have mitigated its risks.

This guide explores practical strategies for exploiting FILE READ vulnerabilities. It delves into what File Read vulnerabilities entail, their potential risks, and the underlying vulnerabilities that can lead to them. The content also offers insights into confirming the presence of these vulnerabilities and provides useful tips for addressing them. Additionally, it examines the possible advantages and drawbacks of exploiting these vulnerabilities, along with offering general prevention and detection strategies for web applications.

This article will guide you in gaining initial access to a target during a Red Team assessment. It is divided into two parts for easy comprehension. The first part details the use of OSINT for Malware delivery, primarily for spear phishing. The second part covers creating malware and making use of evasion techniques. We hope you find this article both informative and enjoyable!

Understand the risks associated with the use of large language models based on the OWASP Top 10 for LLMs list. The article aims to illustrate and explain through examples the vulnerabilities in applications that use LLMs.

Read about multiple vulnerabilities in IBM i Access Client Solutions software related to connecting AS400 servers. Chaining those vulnerabilities could allow remote attackers to access client and server machines.

Take a look at the security & privacy improvements brought to its users in Android 15. The article explores what was changed, how it affects daily users and application developers.

This article delves into advanced methods for running code on systems safeguarded by hardened policies. Expanding on prior discussions about initial access approaches, it uncovers weaknesses in seemingly strong security measures. It offers insights into how Red Team Operators can navigate these obstacles in corporate settings.