image.blog

From Patch To Exploit: CVE-2021-35029

Analysis of a preauth command injection

image.blog

CYS4 - CVE-2021-37841 - Docker - HiveNightmare

A Docker security issue, incorrect DACL, leads to containers compromise.

image.blog

CYS4-SensitiveDiscoverer: finding secrets automatically during a PT

A BApp extension that discovers sensitive information inside HTTP messages.

image.blog

CYS4 & SecureFlag: A new Advanced Practical SOC Training Platform

A new cloud-based learning platform to prepare SOC analysts of the future.

image.blog

CVE 2021-26814: from path-traversal to hero on Wazuh

Analysis behind the vulnerability CVE 2021-26814, how it was found, exploited and fixed.

image.blog

Walking through WebSphere, from Patch to Exploit + 0Day

Introduction to perform a Penetration Test against WebSphere.