Clearing out the research queue in time for DEFCON, and dropping some new NachoVPN updates! ๐ฎ๐
Part 1: Ivanti SYSTEM RCE/LPE:
blog.amberwolf.com/blog/2025/ju...
8 months ago
2
0
0
0
Posts by Rich Warren
Some Christmas cheer with @buffaloverflow.rw.md . A nice bug in the URL handler for Delinea Secret Server.
blog.amberwolf.com/blog/2024/de...
1 year ago
3
3
0
0
d3bfdeed17448756d36a326f0b7972162b7f67951df6d2004faa196444b6c5aa ๐
1 year ago
1
0
0
0
Thanks, Cas! Hoping we get to hear some Red Team war stories from its use at the next RedTreat ๐
1 year ago
1
0
0
0
Let's see how bsky handles videos ..
1 year ago
1
0
0
0
For anyone mad at Palo Alto for pushing out a limited fix, just remember that other vendors (*cough* Ivanti) consider 1-click RCE from a browser .. a feature ๐
www.reddit.com/r/paloaltone...
1 year ago
1
0
2
0
New platform, who dis? It me, and @johnnyspandex.bsky.social dropping some VPN client exploit freshness! ๐ฎ๐
Today, we're releasing NachoVPN, our VPN client exploitation tool, as presented at SANS HackFest Hollywood. Get it on the @amberwolfsec.bsky.social blog:
blog.amberwolf.com/blog/2024/no...
1 year ago
13
11
0
2