WarthogTK
@warthogtk.bsky.social
Pentester | Ex MD (Intensivist & Healthcare Simulation) | (Black) Arch Enthusiast |
Infosec - AD - Windows Internals/Maldev enthusiast |
Geopolitics, Defense, Disinformation, Hybrid warfare | DCS, Gaming, Metal
(OU=FR,DC=WORLD,DC=UNIVERSE)
Infosec - AD - Windows Internals/Maldev enthusiast |
Geopolitics, Defense, Disinformation, Hybrid warfare | DCS, Gaming, Metal
(OU=FR,DC=WORLD,DC=UNIVERSE)
Is It CitrixBleed4? Well, No. Is It Good? Also, No. (Citrix NetScaler Memory Leak & RXSS CVE-2025-12101)
labs.watchtowr.com/is-it-citrix...
labs.watchtowr.com/is-it-citrix...
Is It CitrixBleed4? Well, No. Is It Good? Also, No. (Citrix NetScaler Memory Leak & RXSS CVE-2025-12101)
There’s an elegance to vulnerability research that feels almost poetic - the quiet dance between chaos and control. It’s the art of peeling back the layers of complexity, not to destroy but to…
labs.watchtowr.com
November 12, 2025 at 7:10 PM
Is It CitrixBleed4? Well, No. Is It Good? Also, No. (Citrix NetScaler Memory Leak & RXSS CVE-2025-12101)
labs.watchtowr.com/is-it-citrix...
labs.watchtowr.com/is-it-citrix...
You win some, you CheckSum: New Kerberos delegation vulnerability discovered—attackers could impersonate, escalate privileges and stay hidden | Silverfort
www.silverfort.com/blog/you-win...
www.silverfort.com/blog/you-win...
You win some, you CheckSum: New Kerberos delegation vulnerability discovered—attackers could impersonate, escalate privileges and stay hidden
Technical details for CVE-2025-60704 (CheckSum) to be unveiled at BlackHat EU2025…
www.silverfort.com
November 11, 2025 at 11:06 PM
You win some, you CheckSum: New Kerberos delegation vulnerability discovered—attackers could impersonate, escalate privileges and stay hidden | Silverfort
www.silverfort.com/blog/you-win...
www.silverfort.com/blog/you-win...
Look At This Photograph - Passively Downloading Malware Payloads Via Image Caching
malwaretech.com/2025/10/exif...
malwaretech.com/2025/10/exif...
Look At This Photograph - Passively Downloading Malware Payloads Via Image Caching
Detailing an improved Cache Smuggling technique to turn 3rd party software into passive malware downloader.
malwaretech.com
November 11, 2025 at 7:52 PM
Look At This Photograph - Passively Downloading Malware Payloads Via Image Caching
malwaretech.com/2025/10/exif...
malwaretech.com/2025/10/exif...
CVE-2025-41253 Using Spring Expression Language To Expose Environment Variables and System Properties – psytester psytester.github.io/CVE-2025-412...
CVE-2025-41253 Using Spring Expression Language To Expose Environment Variables and System Properties
Overview
psytester.github.io
November 10, 2025 at 9:36 PM
CVE-2025-41253 Using Spring Expression Language To Expose Environment Variables and System Properties – psytester psytester.github.io/CVE-2025-412...
Deleting the BCD through COM as low privileged user - Warpnet warpnet.nl/blog/deletin...
Deleting the BCD through COM as low privileged user - Warpnet
CVE-2025-59253: Demonstrating a vulnerability in Windows that leads to a low privileged user being able to delete the boot configuration data (BCD) through COM.
warpnet.nl
November 10, 2025 at 8:44 PM
Deleting the BCD through COM as low privileged user - Warpnet warpnet.nl/blog/deletin...
How I Found the Worst ASP.NET Vulnerability — A $10K Bug (CVE-2025-55315) www.praetorian.com/blog/how-i-f...
How I Found the Worst ASP.NET Vulnerability — A $10K Bug (CVE-2025-55315)
Introduction Earlier this year, I earned a $10,000 bounty from Microsoft after discovering a critical HTTP request smuggling vulnerability in ASP.NET Core’s Kestrel server (CVE-2025-55315). The…
www.praetorian.com
November 10, 2025 at 7:47 PM
How I Found the Worst ASP.NET Vulnerability — A $10K Bug (CVE-2025-55315) www.praetorian.com/blog/how-i-f...
Critical SQL Injection Vulnerability in Django (CVE-2025-64459) | Blog | Endor Labs
www.endorlabs.com/learn/critic...
www.endorlabs.com/learn/critic...
Critical SQL Injection Vulnerability in Django (CVE-2025-64459) | Blog | Endor Labs
Critical SQL Injection Vulnerability in Django (CVE-2025-64459). Learn what happened, root cause, impact, and how to mitigate.
www.endorlabs.com
November 10, 2025 at 10:28 AM
Critical SQL Injection Vulnerability in Django (CVE-2025-64459) | Blog | Endor Labs
www.endorlabs.com/learn/critic...
www.endorlabs.com/learn/critic...
From vendor to ESC1 medium.com/@Debugger/fr...
From vendor to ESC1
This post isn’t about vendor-bashing. With attacks against Active Directory Certificate Services (ADCS) increasing, I want to show how…
medium.com
November 8, 2025 at 7:31 PM
From vendor to ESC1 medium.com/@Debugger/fr...
Reposted by WarthogTK
Soon, @exegogol & THR ! 💣
️
Guests ➡️ @_nwodtuhs & @Dramelac_ 🏰
Co-Streamer & Militant Exegol ➡️ @rayanlecat 🥸
️
Guests ➡️ @_nwodtuhs & @Dramelac_ 🏰
Co-Streamer & Militant Exegol ➡️ @rayanlecat 🥸
November 7, 2025 at 9:19 AM
Soon, @exegogol & THR ! 💣
️
Guests ➡️ @_nwodtuhs & @Dramelac_ 🏰
Co-Streamer & Militant Exegol ➡️ @rayanlecat 🥸
️
Guests ➡️ @_nwodtuhs & @Dramelac_ 🏰
Co-Streamer & Militant Exegol ➡️ @rayanlecat 🥸
0-Day MSR Kernel Exploit for Windows 11 25H2 www.exploitpack.com/blogs/news/0...
0-Day MSR Kernel Exploit for Windows 11 25H2
New 0-day Windows Kernel Exploit, working in Windows 11 25h2 fully patched.It took me 2 weeks of endless coffee cups! MSRs control where the CPU jumps for privileged transitions, they are a sensitive…
www.exploitpack.com
November 8, 2025 at 3:07 PM
0-Day MSR Kernel Exploit for Windows 11 25H2 www.exploitpack.com/blogs/news/0...
Introduction - OWASP Top 10:2025 RC1 owasp.org/Top10/2025/0...
Introduction - OWASP Top 10:2025 RC1
OWASP Top 10:2025 RC1
owasp.org
November 7, 2025 at 10:15 PM
Introduction - OWASP Top 10:2025 RC1 owasp.org/Top10/2025/0...
Nunjucks - Exploiting Second-Order SSTI
No AI was used to write this article
adeadfed.com
November 7, 2025 at 8:06 PM
What’s That Coming Over The Hill? (Monsta FTP Remote Code Execution CVE-2025-34299)
labs.watchtowr.com/whats-that-c...
labs.watchtowr.com/whats-that-c...
What’s That Coming Over The Hill? (Monsta FTP Remote Code Execution CVE-2025-34299)
Happy Friday, friends and.. others. We’re glad/sorry to hear that your week has been good/bad, and it’s the weekend/but at least it’s almost the weekend! What’re We Doing Today, Mr Fox? Today, in a…
labs.watchtowr.com
November 7, 2025 at 8:04 PM
What’s That Coming Over The Hill? (Monsta FTP Remote Code Execution CVE-2025-34299)
labs.watchtowr.com/whats-that-c...
labs.watchtowr.com/whats-that-c...
Ghosts in /proc: Manipulation and Timeline Corruption | Group-IB Blog
www.group-ib.com/blog/ghosts-...
www.group-ib.com/blog/ghosts-...
https://www.group-ib.com/blog/ghosts-in-proc/
www.group-ib.com
November 7, 2025 at 9:04 AM
Ghosts in /proc: Manipulation and Timeline Corruption | Group-IB Blog
www.group-ib.com/blog/ghosts-...
www.group-ib.com/blog/ghosts-...
Tool Spotlight: TaskHound - r0bit's blog r0bit.io/posts/taskho...
Tool Spotlight: TaskHound - r0bit's blog
[ home | posts | toolshed | whoami ]
r0bit.io
November 7, 2025 at 9:01 AM
Tool Spotlight: TaskHound - r0bit's blog r0bit.io/posts/taskho...
gopengraph
A Go library to create BloodHound OpenGraphs easily
github.com/TheManticore... by @podalirius.bsky.social
A Go library to create BloodHound OpenGraphs easily
github.com/TheManticore... by @podalirius.bsky.social
GitHub - TheManticoreProject/gopengraph: A Go library to create BloodHound OpenGraphs easily
A Go library to create BloodHound OpenGraphs easily - TheManticoreProject/gopengraph
github.com
November 6, 2025 at 7:01 AM
gopengraph
A Go library to create BloodHound OpenGraphs easily
github.com/TheManticore... by @podalirius.bsky.social
A Go library to create BloodHound OpenGraphs easily
github.com/TheManticore... by @podalirius.bsky.social
Reposted by WarthogTK
“We should have banned government use of face recognition when we had the chance because it is dangerous, invasive, and an inherent threat to civil liberties,” EFF’s @MGuariglia.bsky.social told @404Media.co. www.404media.co/ice-and-cbp...
ICE and CBP Agents Are Scanning Peoples’ Faces on the Street To Verify Citizenship
Videos on social media show officers from ICE and CBP using facial recognition technology on people in the field. One expert described the practice as “pure dystopian creep.”
www.404media.co
October 29, 2025 at 8:03 PM
“We should have banned government use of face recognition when we had the chance because it is dangerous, invasive, and an inherent threat to civil liberties,” EFF’s @MGuariglia.bsky.social told @404Media.co. www.404media.co/ice-and-cbp...
Creating a "Two-Face" Rust binary on Linux
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
Creating a "Two-Face" Rust binary on Linux
Creating a "Two-Face" Rust binary on Linux
www.synacktiv.com
November 5, 2025 at 10:04 PM
Creating a "Two-Face" Rust binary on Linux
www.synacktiv.com/en/publicati...
www.synacktiv.com/en/publicati...
CVE-2025-62725: From “docker compose ps” to System Compromise
www.imperva.com/blog/cve-202...
www.imperva.com/blog/cve-202...
CVE-2025-62725: From “docker compose ps” to System Compromise | Imperva
Docker Compose powers millions of workflows, from CI/CD runners and local development stacks to cloud workspaces and enterprise build pipelines. It’s trusted by developers as the friendly layer above…
www.imperva.com
November 5, 2025 at 10:02 PM
CVE-2025-62725: From “docker compose ps” to System Compromise
www.imperva.com/blog/cve-202...
www.imperva.com/blog/cve-202...
C# tool for requesting certificates from ADCS using DCOM over SMB. This allows you to remotely request X.509 certificates from CA server using the MS-WCCE protocol over DCOM and It bypasses the traditional endpoint mapper requirement by using SMB directly.
github.com/7hePr0fess0r...
github.com/7hePr0fess0r...
GitHub - 7hePr0fess0r/ADCSDevilCOM: A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA server using the MS-WCCE protocol over DCOM and It bypasses the traditional endpoint mapper requirement by using SMB directly.
A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA server using the MS-WCCE protocol over DCOM and It bypasses ...
github.com
November 5, 2025 at 9:15 PM
C# tool for requesting certificates from ADCS using DCOM over SMB. This allows you to remotely request X.509 certificates from CA server using the MS-WCCE protocol over DCOM and It bypasses the traditional endpoint mapper requirement by using SMB directly.
github.com/7hePr0fess0r...
github.com/7hePr0fess0r...