Back
Blog
- Nimhawk v2.0: Development Update
C4-style relay multi-agent architecture, cross-platform agents, and upcoming self-contained TCP mesh networking.
- Introducing Nimhawk C2
A powerful, modular, lightweight and efficient command & control framework written in Nim for red team operations.
- WebKit CVE-2016-4622: Array.slice Memory Disclosure
Comprehensive analysis and exploitation of the WebKit JavaScript Core vulnerability that enables memory disclosure through Array.slice manipulation
- D-Link DIR600 Remote Code Execution Exploit Chain
Complete exploit chain for D-Link DIR600 routers using CSRF, authentication bypass, and RCE to achieve persistent backdoor access via single HTTP link.
- CVE-2019-9194: elFinder Command Injection 1-Day Exploit
Analysis and exploitation of CVE-2019-9194, a command injection vulnerability in elFinder, from discovery to functional exploit development.
- CVE-2019-9960: LimeSurvey Arbitrary File Download
Analysis of CVE-2019-9960, arbitrary file download vulnerability in LimeSurvey through Directory Traversal exploitation.
- CVE-2019-14670 - LimeSurvey TCPDF RCE via PHAR File
Remote code execution in LimeSurvey < 3.17 through TCPDF PHAR deserialization attack, exploiting queXML PDF export functionality.
- CVE-2019-3809: Moodle Blind SSRF Vulnerability Analysis
Analysis of a Blind Server-Side Request Forgery vulnerability in Moodle's badge backpack functionality allowing internal network reconnaissance.
- Escalating TP-Link Firmware Vulnerabilities
Automated vulnerability pattern detection across multiple TP-Link firmware versions using Ghidra scripting and Binwalk to discover CVE-2018-16119.
- CVE-2018-16119: TP-Link Router Remote Code Execution
Detailed analysis of CVE-2018-16119, a buffer overflow vulnerability in TP-Link WR1043ND routers leading to remote code execution via ROP chains.
Get free template