yea we might have lost the plot
gudtrip.xyz
1 day ago
0
0
0
0
Posts by Manu
(obv. not mine but new and worth sharing)
A complete Go implementation of Impacket
github.com/mandiant/gop...
2 days ago
0
0
0
0
If you ever need to update headers like cookies from within the repeater tab of Burp but do not want to manually copy the newest cookies, I have you covered.
portswigger.net/bappstore/4b...
3 weeks ago
1
0
0
1
Published the writeup for the authenticated SQL injection vulnerability in Kanboard - CVE-2026-33058.
0dave.ch/posts/cve-20...
www.cve.org/CVERecord?id...
github.com/kanboard/kan...
#webappsec #cve #sqli
1 month ago
0
1
0
0
cc @adfichter.bsky.social Nix Neues, einfach eine schöne Darstellung der unschönen Daten
1 month ago
2
0
0
0
Lenovo released all patches for the #Lenovo #Vantage #vulnerabilities, which we've reported earlier this year.
Our blog now includes the full write‑ups for CVE-2025-13154, CVE-2026-1715, CVE-2026-1716, and CVE-2026-1717.
🔗 cyllective.com/blog/posts/l...
1 month ago
0
1
0
0
Thought I'd sahre the Swiss Cyber Security starter pack again.
Am I missing somebody?
go.bsky.app/4xD359p
1 month ago
6
2
0
0
John Ostrowski (Compass Security) and Manuel Kiesel (Cyllective AG) worked together on CVE-2025-13154, a Lenovo Vantage LPE. Even after Microsoft closed a known primitive, collaboration led to a working PoC.
blog.compass-security.com/2026/02/from...
#Windows #CVE #SecurityResearch #PrivEsc
2 months ago
6
4
0
0
Advertisement
There are probably more vulns to be found, especially in the parts that I did not look at. Passing the torch to all the other researcherz.
2 months ago
0
0
0
0
First research in a while! Here's my brain dump on reverse-engineering and auditing Lenovo Vantage. In total, I found four (4) vulns. Check out the post and my custom tooling if you're interested.
mkiesel.ch/posts/lenovo...
2 months ago
2
1
1
0
🚀 New blog post: How to Audit Plugin Ecosystems 🔧🔥
Our reusable 4‑step method helped us navigate 600+ Nextcloud/ownCloud plugins & find some vulns.
cyllective.com/blog/posts/h...
#CyberSecurity #AppSec #Nextcloud #ownCloud #infosec #pentest #SAST
2 months ago
2
2
0
0
Nobody asked for them, but here are my uBlock rules to slim down Twitter/X, Bluesky, and Mastodon. They disable fancy features and make it so that basically there are only the options to post and to view your "following" feed. No more distractions!
gist.github.com/rtfmkiesel/1...
2 months ago
0
0
0
0
We have a collision! Compass Security (@compasssecurity) earned $25,000 USD and 4 Master of Pwn points with the Charging Connector Protocol/Signal Manipulation add‑on against the Grizzl‑E Smart 40A, chaining an authentication bypass (CWE‑306) to remote code execution via CWE‑494. #Pwn2Own #P2OAuto
3 months ago
2
1
0
1
Confirmed! Cyrill Bannwart, Emanuele Barbeno, Yves Bieri, Lukasz D., and Urs Mueller of Compass Security (@compasssecurity) exploited one exposed dangerous method/function bug on the Alpine iLX-F511, winning Round 2 for $10,000 USD and 2 Master of Pwn points. #Pwn2Own #P2OAuto
3 months ago
3
5
0
1
co//aboration…ftw! Thanks for the kudos!
3 months ago
1
1
0
0
The final stage would not have been possible without John Ostrowski from @compass-security.com thanks for the Swiss infosec collaboration! 🫕🤝
3 months ago
3
2
1
0
Advertisement
🚨 New blog post!
Read about CVE-2025-13154, a privilege-escalation vulnerability in a Lenovo Vantage add-in called SmartPerformance.
cyllective.com/blog/posts/l...
#windows #cve #infosec #pentest
3 months ago
1
2
1
1
co//aboration… ftw. Thanks for the Kudos!
3 months ago
2
1
0
0
