This article discloses the discovery, exploitation and responsible disclosure of an authenticated command injection zero-day vulnerability in the CyberPanel software solution.
This article discloses the discovery, exploitation and responsible disclosure of an authenticated command injection zero-day vulnerability in the TP-Link Archer router series.
This article examines the techniques threat actors use to move laterally through a company’s network. Its objective is to help network administrators understand the risks tied to lateral movement, follow the process, and apply preventive measures.
This article explores the exploitation of the EchOh-No vulnerability in the kernel driver of an anticheat tool used for Minecraft, Rust, FiveM and Roblox. The primary objective of this exploit is to disable antivirus and/or endpoint detection and response (EDR) defenses present on computer systems. The feasibility of this objective is demonstrated through the use of a Proof-of-Concept (PoC).
This article covers the technique of masquerading the process environment block within one’s own process, making it indistinguishable from explorer.exe. The primary objective of this study is to present a comprehensive Proof-of-Concept (PoC) developed in the Rust programming language. Through this PoC, the article demonstrates that the process appears as an authentic explorer.exe instance when examined using a debugger.