Authors
David Bors
Pentest-Tools.com, Security Research Engineer
I have a deep-rooted passion for unravelling the complexities of cybersecurity. I seek ways to make systems do what they were not programmed to do. I like to 'move fast and break things' and learn new concepts while using my technical expertise to improve security systems.
I have a deep-rooted passion for unravelling the complexities of cybersecurity. I seek ways to make systems do what they were not programmed to do. I like to 'move fast and break things' and learn new concepts while using my technical expertise to improve security systems.
Posts by this author
MilestonesHow and why we built the Kubernetes Vulnerability Scanner
We began developing the Kubernetes Scanner with a focus on black and gray box remote scanning scenarios, as these are the most common among bug bounty hunters, pentesters, and red-teamers. We believe our Kubernetes Vulnerability Scanner is a state of the art improvement for its category of tools, but we don’t plan to stop here. We have a range of improvements in mind, from new detections and exploits to better integrations with other tools that will make this scanner an even more important asset for our customers.
- Author(s)
- Published at
- Updated at
Security researchWhat is CVE-2024-6387? Understand RegreSSHion, the OpenSSH vulnerability
CVE-2024-6387, aka regreSSHion, is a new critical vulnerability affecting OpenSSH which remote, unauthenticated attackers can use to execute remote code. But there's more to this CVE than meets the eye
- Author(s)
- Published at
- Updated at
Security researchCVE-2024-3094 - The XZ Utils Backdoor, a critical SSH vulnerability in Linux
The SSH backdoor would allow remote unauthenticated attackers to achieve remote code execution on the infected systems bypassing the authentication in place. From the information available at the time of writing, the backdoor seems to work only on GNU Linux x86/64 when the SSH server is run as a service by Systemd. Moreover, the library should have been installed by a packet manager. For the exploit to work, one should also expose the SSH server to the Internet so the attacker can interact remotely with it.
- Author(s)
- Published at
- Updated at
Security researchFrom bypass to breach: how to get RCE in Confluence's latest CVEs
I’m gonna help you get the answers you need by demonstrating how to go beyond authentication bypass and achieve RCE using CVE-2023-22515 and CVE-2023-22518. Together we’ll explore their root causes and how to demonstrate the risk involved if an attacker uses these CVEs successfully.
- Author(s)
- Published at
- Updated at
