WarthogTK
@warthogtk.bsky.social
Pentester | Ex MD (Intensivist & Healthcare Simulation) | (Black) Arch Enthusiast |
Infosec - AD - Windows Internals/Maldev enthusiast |
Geopolitics, Defense, Disinformation, Hybrid warfare | DCS, Gaming, Metal
(OU=FR,DC=WORLD,DC=UNIVERSE)
Infosec - AD - Windows Internals/Maldev enthusiast |
Geopolitics, Defense, Disinformation, Hybrid warfare | DCS, Gaming, Metal
(OU=FR,DC=WORLD,DC=UNIVERSE)
Active Directory Security: Trusts Stuck on Windows 2000 Attributes www.tenable.com/blog/active-...
Active Directory Security: Trusts Stuck on Windows 2000 Attributes | Tenable®
Upgrading Active Directory from Windows 2000 doesn't fix old intra-forest trusts. This security anomaly can lead to misidentification as potentially insecure external trusts. See Tenable's solution.
www.tenable.com
November 21, 2025 at 9:26 PM
Active Directory Security: Trusts Stuck on Windows 2000 Attributes www.tenable.com/blog/active-...
Production-grade Web Application Firewall testing tool. Detects Cloudflare, AWS WAF, Akamai & more. Identifies bypass vectors via URL normalization. Perfect for bug bounty & pentesting.
github.com/theghostshin...
github.com/theghostshin...
GitHub - theghostshinobi/waf-stressor: Production-grade Web Application Firewall testing tool. Detects Cloudflare, AWS WAF, Akamai & more. Identifies bypass vectors via URL normalization. Perfect for bug bounty & pentesting.
Production-grade Web Application Firewall testing tool. Detects Cloudflare, AWS WAF, Akamai & more. Identifies bypass vectors via URL normalization. Perfect for bug bounty & pentesting. - t...
labs.watchtowr.com
November 17, 2025 at 7:33 PM
Production-grade Web Application Firewall testing tool. Detects Cloudflare, AWS WAF, Akamai & more. Identifies bypass vectors via URL normalization. Perfect for bug bounty & pentesting.
github.com/theghostshin...
github.com/theghostshin...
When The Impersonation Function Gets Used To Impersonate Users (Fortinet FortiWeb Auth. Bypass CVE-2025-64446) labs.watchtowr.com/when-the-imp...
When The Impersonation Function Gets Used To Impersonate Users (Fortinet FortiWeb Auth. Bypass CVE-2025-64446)
The Internet is ablaze, and once again we all have a front-row seat - a bad person, if you can believe it, is doing a bad thing! The first warning of such behaviour came from the great team at…
labs.watchtowr.com
November 15, 2025 at 8:09 PM
When The Impersonation Function Gets Used To Impersonate Users (Fortinet FortiWeb Auth. Bypass CVE-2025-64446) labs.watchtowr.com/when-the-imp...
Injection for an athlete swarm.ptsecurity.com/injection-fo...
Injection for an athlete
After yet another workout where my sports watch completely lost GPS, I’d had enough. I decided to dig into its firmware and pinpoint the problem. I couldn’t find it published anywhere. No download…
swarm.ptsecurity.com
November 15, 2025 at 8:08 PM
Injection for an athlete swarm.ptsecurity.com/injection-fo...
Detecting Jira & Confluence Versions and Mapping Known CVEs fenrisk.com/atlasscan
Detecting Jira & Confluence Versions and Mapping Known CVEs
Detecting Jira & Confluence Versions and Mapping Known CVEs
fenrisk.com
November 13, 2025 at 12:19 PM
Detecting Jira & Confluence Versions and Mapping Known CVEs fenrisk.com/atlasscan
Is It CitrixBleed4? Well, No. Is It Good? Also, No. (Citrix NetScaler Memory Leak & RXSS CVE-2025-12101)
labs.watchtowr.com/is-it-citrix...
labs.watchtowr.com/is-it-citrix...
Is It CitrixBleed4? Well, No. Is It Good? Also, No. (Citrix NetScaler Memory Leak & RXSS CVE-2025-12101)
There’s an elegance to vulnerability research that feels almost poetic - the quiet dance between chaos and control. It’s the art of peeling back the layers of complexity, not to destroy but to…
labs.watchtowr.com
November 12, 2025 at 7:10 PM
Is It CitrixBleed4? Well, No. Is It Good? Also, No. (Citrix NetScaler Memory Leak & RXSS CVE-2025-12101)
labs.watchtowr.com/is-it-citrix...
labs.watchtowr.com/is-it-citrix...
You win some, you CheckSum: New Kerberos delegation vulnerability discovered—attackers could impersonate, escalate privileges and stay hidden | Silverfort
www.silverfort.com/blog/you-win...
www.silverfort.com/blog/you-win...
You win some, you CheckSum: New Kerberos delegation vulnerability discovered—attackers could impersonate, escalate privileges and stay hidden
Technical details for CVE-2025-60704 (CheckSum) to be unveiled at BlackHat EU2025…
www.silverfort.com
November 11, 2025 at 11:06 PM
You win some, you CheckSum: New Kerberos delegation vulnerability discovered—attackers could impersonate, escalate privileges and stay hidden | Silverfort
www.silverfort.com/blog/you-win...
www.silverfort.com/blog/you-win...
Look At This Photograph - Passively Downloading Malware Payloads Via Image Caching
malwaretech.com/2025/10/exif...
malwaretech.com/2025/10/exif...
Look At This Photograph - Passively Downloading Malware Payloads Via Image Caching
Detailing an improved Cache Smuggling technique to turn 3rd party software into passive malware downloader.
malwaretech.com
November 11, 2025 at 7:52 PM
Look At This Photograph - Passively Downloading Malware Payloads Via Image Caching
malwaretech.com/2025/10/exif...
malwaretech.com/2025/10/exif...
CVE-2025-41253 Using Spring Expression Language To Expose Environment Variables and System Properties – psytester psytester.github.io/CVE-2025-412...
CVE-2025-41253 Using Spring Expression Language To Expose Environment Variables and System Properties
Overview
psytester.github.io
November 10, 2025 at 9:36 PM
CVE-2025-41253 Using Spring Expression Language To Expose Environment Variables and System Properties – psytester psytester.github.io/CVE-2025-412...
Deleting the BCD through COM as low privileged user - Warpnet warpnet.nl/blog/deletin...
Deleting the BCD through COM as low privileged user - Warpnet
CVE-2025-59253: Demonstrating a vulnerability in Windows that leads to a low privileged user being able to delete the boot configuration data (BCD) through COM.
warpnet.nl
November 10, 2025 at 8:44 PM
Deleting the BCD through COM as low privileged user - Warpnet warpnet.nl/blog/deletin...
How I Found the Worst ASP.NET Vulnerability — A $10K Bug (CVE-2025-55315) www.praetorian.com/blog/how-i-f...
How I Found the Worst ASP.NET Vulnerability — A $10K Bug (CVE-2025-55315)
Introduction Earlier this year, I earned a $10,000 bounty from Microsoft after discovering a critical HTTP request smuggling vulnerability in ASP.NET Core’s Kestrel server (CVE-2025-55315). The…
www.praetorian.com
November 10, 2025 at 7:47 PM
How I Found the Worst ASP.NET Vulnerability — A $10K Bug (CVE-2025-55315) www.praetorian.com/blog/how-i-f...
Critical SQL Injection Vulnerability in Django (CVE-2025-64459) | Blog | Endor Labs
www.endorlabs.com/learn/critic...
www.endorlabs.com/learn/critic...
Critical SQL Injection Vulnerability in Django (CVE-2025-64459) | Blog | Endor Labs
Critical SQL Injection Vulnerability in Django (CVE-2025-64459). Learn what happened, root cause, impact, and how to mitigate.
www.endorlabs.com
November 10, 2025 at 10:28 AM
Critical SQL Injection Vulnerability in Django (CVE-2025-64459) | Blog | Endor Labs
www.endorlabs.com/learn/critic...
www.endorlabs.com/learn/critic...
From vendor to ESC1 medium.com/@Debugger/fr...
From vendor to ESC1
This post isn’t about vendor-bashing. With attacks against Active Directory Certificate Services (ADCS) increasing, I want to show how…
medium.com
November 8, 2025 at 7:31 PM
From vendor to ESC1 medium.com/@Debugger/fr...
Reposted by WarthogTK
Soon, @exegogol & THR ! 💣
️
Guests ➡️ @_nwodtuhs & @Dramelac_ 🏰
Co-Streamer & Militant Exegol ➡️ @rayanlecat 🥸
️
Guests ➡️ @_nwodtuhs & @Dramelac_ 🏰
Co-Streamer & Militant Exegol ➡️ @rayanlecat 🥸
November 7, 2025 at 9:19 AM
Soon, @exegogol & THR ! 💣
️
Guests ➡️ @_nwodtuhs & @Dramelac_ 🏰
Co-Streamer & Militant Exegol ➡️ @rayanlecat 🥸
️
Guests ➡️ @_nwodtuhs & @Dramelac_ 🏰
Co-Streamer & Militant Exegol ➡️ @rayanlecat 🥸
0-Day MSR Kernel Exploit for Windows 11 25H2 www.exploitpack.com/blogs/news/0...
0-Day MSR Kernel Exploit for Windows 11 25H2
New 0-day Windows Kernel Exploit, working in Windows 11 25h2 fully patched.It took me 2 weeks of endless coffee cups! MSRs control where the CPU jumps for privileged transitions, they are a sensitive…
www.exploitpack.com
November 8, 2025 at 3:07 PM
0-Day MSR Kernel Exploit for Windows 11 25H2 www.exploitpack.com/blogs/news/0...
Introduction - OWASP Top 10:2025 RC1 owasp.org/Top10/2025/0...
Introduction - OWASP Top 10:2025 RC1
OWASP Top 10:2025 RC1
owasp.org
November 7, 2025 at 10:15 PM
Introduction - OWASP Top 10:2025 RC1 owasp.org/Top10/2025/0...
Nunjucks - Exploiting Second-Order SSTI
No AI was used to write this article
adeadfed.com
November 7, 2025 at 8:06 PM
What’s That Coming Over The Hill? (Monsta FTP Remote Code Execution CVE-2025-34299)
labs.watchtowr.com/whats-that-c...
labs.watchtowr.com/whats-that-c...
What’s That Coming Over The Hill? (Monsta FTP Remote Code Execution CVE-2025-34299)
Happy Friday, friends and.. others. We’re glad/sorry to hear that your week has been good/bad, and it’s the weekend/but at least it’s almost the weekend! What’re We Doing Today, Mr Fox? Today, in a…
labs.watchtowr.com
November 7, 2025 at 8:04 PM
What’s That Coming Over The Hill? (Monsta FTP Remote Code Execution CVE-2025-34299)
labs.watchtowr.com/whats-that-c...
labs.watchtowr.com/whats-that-c...
Ghosts in /proc: Manipulation and Timeline Corruption | Group-IB Blog
www.group-ib.com/blog/ghosts-...
www.group-ib.com/blog/ghosts-...
https://www.group-ib.com/blog/ghosts-in-proc/
www.group-ib.com
November 7, 2025 at 9:04 AM
Ghosts in /proc: Manipulation and Timeline Corruption | Group-IB Blog
www.group-ib.com/blog/ghosts-...
www.group-ib.com/blog/ghosts-...
Tool Spotlight: TaskHound - r0bit's blog r0bit.io/posts/taskho...
Tool Spotlight: TaskHound - r0bit's blog
[ home | posts | toolshed | whoami ]
r0bit.io
November 7, 2025 at 9:01 AM
Tool Spotlight: TaskHound - r0bit's blog r0bit.io/posts/taskho...