PentesterLab
@pentesterlab.com
We make learning web hacking and security easier. Online systems, code review, videos & courses that can be used to understand, test and exploit bugs!
Research Worth Reading Week 51/2025
A quieter week that perfectly fits the two deep dives!
📚 ORM Leaking More Than You Joined For
The latest opus in Elttam's posts on ORM leaks, including some semgrep rules and a reference to my blog post on the subject: www.elttam.com/blog/leaking...
A quieter week that perfectly fits the two deep dives!
📚 ORM Leaking More Than You Joined For
The latest opus in Elttam's posts on ORM leaks, including some semgrep rules and a reference to my blog post on the subject: www.elttam.com/blog/leaking...
ORM Leaking More Than You Joined For - elttamORM Leaking More Than You Joined For - elttam
elttam is a globally recognised, independent information security company, renowned for our advanced technical security assessments.
www.elttam.com
December 21, 2025 at 10:07 PM
Research Worth Reading Week 51/2025
A quieter week that perfectly fits the two deep dives!
📚 ORM Leaking More Than You Joined For
The latest opus in Elttam's posts on ORM leaks, including some semgrep rules and a reference to my blog post on the subject: www.elttam.com/blog/leaking...
A quieter week that perfectly fits the two deep dives!
📚 ORM Leaking More Than You Joined For
The latest opus in Elttam's posts on ORM leaks, including some semgrep rules and a reference to my blog post on the subject: www.elttam.com/blog/leaking...
Research Worth Reading Week 50/2025: SAML bypasses & LLM-assisted crash triage.
🔒 The Fragile Lock: Novel Bypasses for SAML Authentication
Ruby SAML falls again. An extraordinary exploit by the PortSwigger team: portswigger.net/research/the...
🔒 The Fragile Lock: Novel Bypasses for SAML Authentication
Ruby SAML falls again. An extraordinary exploit by the PortSwigger team: portswigger.net/research/the...
The Fragile Lock: Novel Bypasses For SAML Authentication
TLDR This post shows how to achieve a full authentication bypass in the Ruby and PHP SAML ecosystem by exploiting several parser-level inconsistencies: including attribute pollution, namespace confusi
portswigger.net
December 14, 2025 at 10:50 PM
Research Worth Reading Week 50/2025: SAML bypasses & LLM-assisted crash triage.
🔒 The Fragile Lock: Novel Bypasses for SAML Authentication
Ruby SAML falls again. An extraordinary exploit by the PortSwigger team: portswigger.net/research/the...
🔒 The Fragile Lock: Novel Bypasses for SAML Authentication
Ruby SAML falls again. An extraordinary exploit by the PortSwigger team: portswigger.net/research/the...
Reposted by PentesterLab
🧑🎓 Learning of the day for me thanks to:
- @pentesterlab.com for the presentation of the behavior and the code review lab.
- ChatGPT for the detailed explanation.
#appsec #appsecurity #python
- @pentesterlab.com for the presentation of the behavior and the code review lab.
- ChatGPT for the detailed explanation.
#appsec #appsecurity #python
December 13, 2025 at 8:44 AM
🧑🎓 Learning of the day for me thanks to:
- @pentesterlab.com for the presentation of the behavior and the code review lab.
- ChatGPT for the detailed explanation.
#appsec #appsecurity #python
- @pentesterlab.com for the presentation of the behavior and the code review lab.
- ChatGPT for the detailed explanation.
#appsec #appsecurity #python
Reposted by PentesterLab
I just completed @pentesterlab.com 's Recon Badge!!!
December 14, 2025 at 4:21 PM
I just completed @pentesterlab.com 's Recon Badge!!!
Welcome back to Slytherin! 🐍
We just released 3 new labs in our python^w Slytherin code review badge: real CVEs, sneaky bugs, and plenty of chances to sharpen your dark code arts..
Grab your wand here:
pentesterlab.com/badges/pytho...
We just released 3 new labs in our python^w Slytherin code review badge: real CVEs, sneaky bugs, and plenty of chances to sharpen your dark code arts..
Grab your wand here:
pentesterlab.com/badges/pytho...
PentesterLab: Learn with our Python Code Review Badge
The Python Code Review Badge is our badge dedicated to code review in Python. It covers the discovery of weaknesses and vulnerabilities using source code review.
pentesterlab.com
December 9, 2025 at 10:53 PM
Welcome back to Slytherin! 🐍
We just released 3 new labs in our python^w Slytherin code review badge: real CVEs, sneaky bugs, and plenty of chances to sharpen your dark code arts..
Grab your wand here:
pentesterlab.com/badges/pytho...
We just released 3 new labs in our python^w Slytherin code review badge: real CVEs, sneaky bugs, and plenty of chances to sharpen your dark code arts..
Grab your wand here:
pentesterlab.com/badges/pytho...
Research Worth Reading Week 49/2025:
⏰ Introducing constant-time support for LLVM to protect cryptographic code
Trail of Bits explains their work on adding constant-time support to LLVM so that compiled cryptographic code remains constant-time: blog.trailofbits.com/2025/12/02/i...
⏰ Introducing constant-time support for LLVM to protect cryptographic code
Trail of Bits explains their work on adding constant-time support to LLVM so that compiled cryptographic code remains constant-time: blog.trailofbits.com/2025/12/02/i...
Introducing constant-time support for LLVM to protect cryptographic code
Trail of Bits developed constant-time coding support for LLVM that prevents compilers from breaking cryptographic implementations vulnerable to timing attacks, introducing the __builtin_ct_select fami...
blog.trailofbits.com
December 7, 2025 at 10:45 PM
Research Worth Reading Week 49/2025:
⏰ Introducing constant-time support for LLVM to protect cryptographic code
Trail of Bits explains their work on adding constant-time support to LLVM so that compiled cryptographic code remains constant-time: blog.trailofbits.com/2025/12/02/i...
⏰ Introducing constant-time support for LLVM to protect cryptographic code
Trail of Bits explains their work on adding constant-time support to LLVM so that compiled cryptographic code remains constant-time: blog.trailofbits.com/2025/12/02/i...
Black Friday at @pentesterlab.com 🧨
For a limited time:
🔒 1 year of PRO for $146.52
🎓 Student special: 3 months PRO for $25.99
Hands-on labs. Real CVEs. Security code review training used by real AppSec & pentest teams.
⏰ Offer ends 2 Dec 2025, 23:59:59 UTC
👉 pentesterlab.com/pro
For a limited time:
🔒 1 year of PRO for $146.52
🎓 Student special: 3 months PRO for $25.99
Hands-on labs. Real CVEs. Security code review training used by real AppSec & pentest teams.
⏰ Offer ends 2 Dec 2025, 23:59:59 UTC
👉 pentesterlab.com/pro
November 27, 2025 at 10:06 PM
Black Friday at @pentesterlab.com 🧨
For a limited time:
🔒 1 year of PRO for $146.52
🎓 Student special: 3 months PRO for $25.99
Hands-on labs. Real CVEs. Security code review training used by real AppSec & pentest teams.
⏰ Offer ends 2 Dec 2025, 23:59:59 UTC
👉 pentesterlab.com/pro
For a limited time:
🔒 1 year of PRO for $146.52
🎓 Student special: 3 months PRO for $25.99
Hands-on labs. Real CVEs. Security code review training used by real AppSec & pentest teams.
⏰ Offer ends 2 Dec 2025, 23:59:59 UTC
👉 pentesterlab.com/pro
Added 3 new Java CVEs to our Java Code Review Badge!
Now at 64 real-world labs to sharpen your Java code review skills.
Try them here: pentesterlab.com/badges/java-...
More CVEs coming soon 👀🔥
Now at 64 real-world labs to sharpen your Java code review skills.
Try them here: pentesterlab.com/badges/java-...
More CVEs coming soon 👀🔥
PentesterLab: Learn with our Java Code Review Badge
The Java Code Review Badge is our badge dedicated to code review in Java. It covers the discovery of weaknesses and vulnerabilities using source code review.
pentesterlab.com
November 21, 2025 at 6:25 AM
Added 3 new Java CVEs to our Java Code Review Badge!
Now at 64 real-world labs to sharpen your Java code review skills.
Try them here: pentesterlab.com/badges/java-...
More CVEs coming soon 👀🔥
Now at 64 real-world labs to sharpen your Java code review skills.
Try them here: pentesterlab.com/badges/java-...
More CVEs coming soon 👀🔥
Articles worth reading discovered last week:
📲 security.googleblog.com/2025/11/rust...
📸 www.pixnapping.com
🧩 www.praetorian.com/blog/how-i-f...
🤖 buganizer.cc/hacking-gemi...
📲 security.googleblog.com/2025/11/rust...
📸 www.pixnapping.com
🧩 www.praetorian.com/blog/how-i-f...
🤖 buganizer.cc/hacking-gemi...
Rust in Android: move fast and fix things
Posted by Jeff Vander Stoep, Android Last year, we wrote about why a memory safety strategy that focuses on vulnerability prevention in ...
security.googleblog.com
November 16, 2025 at 11:23 PM
Articles worth reading discovered last week:
📲 security.googleblog.com/2025/11/rust...
📸 www.pixnapping.com
🧩 www.praetorian.com/blog/how-i-f...
🤖 buganizer.cc/hacking-gemi...
📲 security.googleblog.com/2025/11/rust...
📸 www.pixnapping.com
🧩 www.praetorian.com/blog/how-i-f...
🤖 buganizer.cc/hacking-gemi...
Reposted by PentesterLab
November 7, 2025 at 11:39 PM
Research to read this week: Android, Django, MCP…
🤖 knifecoat.com/Posts/Runtim...
🐍 www.endorlabs.com/learn/critic...
🌽 googleprojectzero.blogspot.com/2025/11/defe...
🤖 medium.com/@kulkan-secu...
🧑🏻💻 words.filippo.io/claude-debug...
#PentesterLabWeekly
🤖 knifecoat.com/Posts/Runtim...
🐍 www.endorlabs.com/learn/critic...
🌽 googleprojectzero.blogspot.com/2025/11/defe...
🤖 medium.com/@kulkan-secu...
🧑🏻💻 words.filippo.io/claude-debug...
#PentesterLabWeekly
Runtime Android Object Instrumentation - KnifeCoat
Intro This year I have been doing quite a bit Android userland analysis. Android is a wonderful platform to work on, great decompiler support (JEB), easy access to rooted devices (unless you buy NA l…
knifecoat.com
November 9, 2025 at 11:37 PM
Research to read this week: Android, Django, MCP…
🤖 knifecoat.com/Posts/Runtim...
🐍 www.endorlabs.com/learn/critic...
🌽 googleprojectzero.blogspot.com/2025/11/defe...
🤖 medium.com/@kulkan-secu...
🧑🏻💻 words.filippo.io/claude-debug...
#PentesterLabWeekly
🤖 knifecoat.com/Posts/Runtim...
🐍 www.endorlabs.com/learn/critic...
🌽 googleprojectzero.blogspot.com/2025/11/defe...
🤖 medium.com/@kulkan-secu...
🧑🏻💻 words.filippo.io/claude-debug...
#PentesterLabWeekly
Reposted by PentesterLab
Don't just look at bad code
Know what good looks like!
@pentesterlab.com
#Kawaiicon @kawaiicon.bsky.social
Know what good looks like!
@pentesterlab.com
#Kawaiicon @kawaiicon.bsky.social
November 7, 2025 at 11:40 PM
Don't just look at bad code
Know what good looks like!
@pentesterlab.com
#Kawaiicon @kawaiicon.bsky.social
Know what good looks like!
@pentesterlab.com
#Kawaiicon @kawaiicon.bsky.social
Articles worth reading discovered last week: Passports, WIFI and AI-SAST!
🛂 blog.trailofbits.com/2025/10/31/t...
🛜 pulsesecurity.co.nz/articles/byp...
🧠 parsiya.net/blog/wtf-is-...
🛂 blog.trailofbits.com/2025/10/31/t...
🛜 pulsesecurity.co.nz/articles/byp...
🧠 parsiya.net/blog/wtf-is-...
The cryptography behind electronic passports
This blog post describes how electronic passports work, the threats within their threat model, and how they protect against those threats using cryptography. It also discusses the implications of usin...
blog.trailofbits.com
November 2, 2025 at 10:51 PM
Articles worth reading discovered last week: Passports, WIFI and AI-SAST!
🛂 blog.trailofbits.com/2025/10/31/t...
🛜 pulsesecurity.co.nz/articles/byp...
🧠 parsiya.net/blog/wtf-is-...
🛂 blog.trailofbits.com/2025/10/31/t...
🛜 pulsesecurity.co.nz/articles/byp...
🧠 parsiya.net/blog/wtf-is-...
Reposted by PentesterLab
Yeah @nastystereo.com I think you and @pentesterlab.com would get along just fine collabbing. 👀
October 30, 2025 at 12:42 AM
Yeah @nastystereo.com I think you and @pentesterlab.com would get along just fine collabbing. 👀
Reposted by PentesterLab
Upgrading the designer bag with a necessary accessory @pentesterlab.com
October 30, 2025 at 11:32 PM
Upgrading the designer bag with a necessary accessory @pentesterlab.com
🚨 New labs just dropped!
3 new Python Code Review labs are now live on PentesterLab 🐍
Learn to spot subtle bugs and insecure patterns by reading real Python code.
🎯 pentesterlab.com/badges/python-code-review
#Python #AppSec #CodeReview #PentesterLab
3 new Python Code Review labs are now live on PentesterLab 🐍
Learn to spot subtle bugs and insecure patterns by reading real Python code.
🎯 pentesterlab.com/badges/python-code-review
#Python #AppSec #CodeReview #PentesterLab
PentesterLab: Learn with our Python Code Review Badge
The Python Code Review Badge is our badge dedicated to code review in Python. It covers the discovery of weaknesses and vulnerabilities using source code review.
pentesterlab.com
October 28, 2025 at 3:37 AM
🚨 New labs just dropped!
3 new Python Code Review labs are now live on PentesterLab 🐍
Learn to spot subtle bugs and insecure patterns by reading real Python code.
🎯 pentesterlab.com/badges/python-code-review
#Python #AppSec #CodeReview #PentesterLab
3 new Python Code Review labs are now live on PentesterLab 🐍
Learn to spot subtle bugs and insecure patterns by reading real Python code.
🎯 pentesterlab.com/badges/python-code-review
#Python #AppSec #CodeReview #PentesterLab
Reposted by PentesterLab
Really awesome preso from @snyff.pentesterlab.com @pentesterlab.com over at BSides Perth. Jam packed with patterns, approaches, tips and tricks to level up finding bugs in code. #bsides #bsidesperth
October 19, 2025 at 2:33 AM
Really awesome preso from @snyff.pentesterlab.com @pentesterlab.com over at BSides Perth. Jam packed with patterns, approaches, tips and tricks to level up finding bugs in code. #bsides #bsidesperth
The past few weeks have been quiet, but we’re back!
🛠️ deepwiki.com
🛠️ github.com/AsyncFuncAI/...
🪲 blog.trailofbits.com/2025/04/23/h...
🛠️ github.com/quarkslab/pr...
🛡️ hdm.io/decks/Charti...
🛠️ deepwiki.com
🛠️ github.com/AsyncFuncAI/...
🪲 blog.trailofbits.com/2025/04/23/h...
🛠️ github.com/quarkslab/pr...
🛡️ hdm.io/decks/Charti...
DeepWiki | AI documentation you can talk to, for every repo
DeepWiki provides up-to-date documentation you can talk to, for every repo in the world. Think Deep Research for GitHub - powered by Devin.
deepwiki.com
May 4, 2025 at 10:37 PM
The past few weeks have been quiet, but we’re back!
🛠️ deepwiki.com
🛠️ github.com/AsyncFuncAI/...
🪲 blog.trailofbits.com/2025/04/23/h...
🛠️ github.com/quarkslab/pr...
🛡️ hdm.io/decks/Charti...
🛠️ deepwiki.com
🛠️ github.com/AsyncFuncAI/...
🪲 blog.trailofbits.com/2025/04/23/h...
🛠️ github.com/quarkslab/pr...
🛡️ hdm.io/decks/Charti...
Your face when you realize your next security code review is on a Clojure codebase...
April 20, 2025 at 11:10 PM
Your face when you realize your next security code review is on a Clojure codebase...
Articles worth reading discovered last week:
🪲 labs.watchtowr.com/xss-to-rce-b...
🧩 gist.github.com/Panya/990b45...
#PentesterLabWeekly
🪲 labs.watchtowr.com/xss-to-rce-b...
🧩 gist.github.com/Panya/990b45...
#PentesterLabWeekly
XSS To RCE By Abusing Custom File Handlers - Kentico Xperience CMS (CVE-2025-2748)
We know what you’re waiting for - this isn’t it. Today, we’re back with more tales of our adventures in Kentico’s Xperience CMS. Due to it’s wide usage, the type of solution, and the types of enterpri...
labs.watchtowr.com
April 6, 2025 at 9:54 PM
Articles worth reading discovered last week:
🪲 labs.watchtowr.com/xss-to-rce-b...
🧩 gist.github.com/Panya/990b45...
#PentesterLabWeekly
🪲 labs.watchtowr.com/xss-to-rce-b...
🧩 gist.github.com/Panya/990b45...
#PentesterLabWeekly
Two great pieces of content for this week:
🪲 www.wiz.io/blog/ingress...
🪲 zhero-web-sec.github.io/research-and...
#PentesterLabWeekly
🪲 www.wiz.io/blog/ingress...
🪲 zhero-web-sec.github.io/research-and...
#PentesterLabWeekly
Remote Code Execution Vulnerabilities in Ingress NGINX | Wiz Blog
Wiz Research uncovered RCE vulnerabilities (CVE-2025-1097, 1098, 24514, 1974) in Ingress NGINX for Kubernetes allowing cluster-wide secret access.
www.wiz.io
March 30, 2025 at 9:33 PM
Two great pieces of content for this week:
🪲 www.wiz.io/blog/ingress...
🪲 zhero-web-sec.github.io/research-and...
#PentesterLabWeekly
🪲 www.wiz.io/blog/ingress...
🪲 zhero-web-sec.github.io/research-and...
#PentesterLabWeekly
‼️ blog.doyensec.com/2025/03/18/e...
📨 workos.com/blog/samlstorm
🛤️ projectdiscovery.io/blog/discour...
☑️ labs.watchtowr.com/by-executive...
❤️ tmpout.sh/4/
🗼 labs.watchtowr.com/bypassing-au...
Get our weekly news direct to your mailbox: pentesterlab.substack.com
📨 workos.com/blog/samlstorm
🛤️ projectdiscovery.io/blog/discour...
☑️ labs.watchtowr.com/by-executive...
❤️ tmpout.sh/4/
🗼 labs.watchtowr.com/bypassing-au...
Get our weekly news direct to your mailbox: pentesterlab.substack.com
!exploitable Episode Three - Devfile Adventures · Doyensec's Blog
!exploitable Episode Three - Devfile Adventures
blog.doyensec.com
March 23, 2025 at 10:00 PM
‼️ blog.doyensec.com/2025/03/18/e...
📨 workos.com/blog/samlstorm
🛤️ projectdiscovery.io/blog/discour...
☑️ labs.watchtowr.com/by-executive...
❤️ tmpout.sh/4/
🗼 labs.watchtowr.com/bypassing-au...
Get our weekly news direct to your mailbox: pentesterlab.substack.com
📨 workos.com/blog/samlstorm
🛤️ projectdiscovery.io/blog/discour...
☑️ labs.watchtowr.com/by-executive...
❤️ tmpout.sh/4/
🗼 labs.watchtowr.com/bypassing-au...
Get our weekly news direct to your mailbox: pentesterlab.substack.com
If people spent as much time actually learning hacking as they do optimizing how to learn hacking, they’d be a lot better at it. Just start. Break things. Learn. Repeat.
March 20, 2025 at 9:18 AM
If people spent as much time actually learning hacking as they do optimizing how to learn hacking, they’d be a lot better at it. Just start. Break things. Learn. Repeat.
What a week! SAML&Ruby, PHP&XXE and so much more!
📨 github.blog/security/sig...
🧑🏻💻 seeinglogic.com/posts/visual...
🤯 swarm.ptsecurity.com/impossible-x...
😻 scrapco.de/blog/analysi...
More details in our blog: pentesterlab.com/blog/researc...
#PentesterLabWeekly
📨 github.blog/security/sig...
🧑🏻💻 seeinglogic.com/posts/visual...
🤯 swarm.ptsecurity.com/impossible-x...
😻 scrapco.de/blog/analysi...
More details in our blog: pentesterlab.com/blog/researc...
#PentesterLabWeekly
Sign in as anyone: Bypassing SAML SSO authentication with parser differentials
Critical authentication bypass vulnerabilities were discovered in ruby-saml up to version 1.17.0. See how they were uncovered.
github.blog
March 16, 2025 at 10:22 PM
What a week! SAML&Ruby, PHP&XXE and so much more!
📨 github.blog/security/sig...
🧑🏻💻 seeinglogic.com/posts/visual...
🤯 swarm.ptsecurity.com/impossible-x...
😻 scrapco.de/blog/analysi...
More details in our blog: pentesterlab.com/blog/researc...
#PentesterLabWeekly
📨 github.blog/security/sig...
🧑🏻💻 seeinglogic.com/posts/visual...
🤯 swarm.ptsecurity.com/impossible-x...
😻 scrapco.de/blog/analysi...
More details in our blog: pentesterlab.com/blog/researc...
#PentesterLabWeekly