offensive security

Use proactive security strategies to prevent vulnerabilities in your systems and follow actionable tips from infosec pros.

Security research

Throwing a spark into FuelCMS

FuelCMS v1.5.2 might be an older, largely unmaintained project, but its codebase is still highly combustible. In our latest research sprint, we uncovered seven new vulnerabilities lurking under the hood. Read the full article to see the raw HTTP requests, learn how we bypassed brute-force rate limits, and watch us turn simple template syntax into a full system compromise.

Author(s)

Matei "Mal" Badanoiu (aka CVE Jesus)

Published at: 05 Mar 2026

Security research

cPanel - The valid, the suspect, and the 3rd party (Part 1)

Ever wondered what you can still do with 25-year-old code in a modern hosting environment? PTT-2025-021 was quite the journey! Unpack this (potentially Remote) Code Execution vulnerability we discovered and disclosed, which lets you bypass restricted environments like cPanel's jailshell. In part 1 of 3, we break down how an unsafe Perl "open" function became our ticket to a executing arbitrary system commands - and how the exploit works.

Author(s)

Matei "Mal" Badanoiu (aka CVE Jesus)

Published at: 08 Jan 2026

Community wisdom

What the experts say: Machine learning in offensive security

In this third installment, we stop talking and start listening. We asked seasoned offensive security professionals how they actually use machine learning in the field. Their verdict? ML works, when it’s focused. From spotting phishing entry points to flagging suspicious authentication patterns, the value is real. But it’s not magic. Used blindly, it adds noise. Used wisely, it accelerates analysts.

Author(s)

Alice Teodorescu

Published at: 26 Jun 2025

Security research

How to extract TLS secrets from Android apps using Frida and Wireshark

Break Android's TLS fortress! Frida & Wireshark reveal hidden app secrets. Bypass SSL pinning, expose API calls, and master traffic decryption now.

Author(s)

David Bors

Published at: 14 Mar 2025

Security research

Unpacking LDAPNightmare (CVE-2024-49113 and CVE-2024-49112)

Uncover the secrets of LDAPNightmare - crash domain controllers, exploit AD weaknesses, and sharpen your pentesting skills

Author(s)

Published at: 28 Jan 2025

Security research

Roundcube: exfiltrating emails with CVE-2021-44026

Have you ever asked yourself: what is the half-life of a disclosed vulnerability? When should we stop worrying about it?

Author(s)

Published at: 22 Dec 2023

Community wisdom

17 Infosec pros talk about the future of penetration testing

As offensive security specialists, we want to understand how pentesting changes over the next decade so we can use our experience and know-how to make better decisions.

Author(s)

Ioana Rijnetu

Published at: 25 Nov 2022

Platform updates

Visualize exploit paths with the Sniper network graph

Whether working in offensive or defensive security, we all see it: high-risk, widespread vulnerabilities cause significant disruptions to already struggling security teams.

Author(s)

Andra Zaharia

Published at: 23 Jun 2022

Security research

How to detect VMware vCenter RCE with Pentest-Tools.com (CVE-2021-21972)

The current, multi-layer setup big organizations run on is a challenge to manage and we both know that (it’s an understatement). And when a vulnerability like CVE-2021-21972 pops up, it reveals how messy the process of patching and mitigation can be.

Author(s)

Daniel Bechenea

Published at: 19 Apr 2021

Security research

Discover how dangerous a ‘Bad Neighbor’ can be - TCP/IP Vulnerability (CVE-2020-16898)

Patching is never easy, but doing it imperfectly can come back to bite you. That’s why today we’re unpacking a vulnerability that can resurface when improperly mitigated.