Introduction Critical sectors such as energy, water, health, banking, MSP’s and others are under high scrutiny in terms of security. The NIS2 Directive is pushing European organizati...
Pwning a Legacy Enterprise Application Server - Sybase EAServer
Introduction This article explores the process of compromising a legacy enterprise application server, EAServer. We start by gaining access to the web console by leveraging default c...
Exploiting nOAuth Vulnerability in Azure AD Applications
Introduction The nOAuth vulnerability was originally discovered by Descope security team and impacts Microsoft Azure AD applications configured to use OAuth. Essentially the vulnerability is a ...
Obfuscating Rust Binaries using LLVM Obfuscator (OLLVM)
UPDATE - 30 November 2023 I have made available a Docker image containing all the required steps to build a Rust toolchain using OLLVM. Currently it is targeting both x86_64-unknown-linux-gnu an...