top of page
Search
Exploiting User Registration and Membership Logic for Privilege Escalation (CVE-2025-2563)
As defenders patch vulnerabilities in production environments, threat actors continually adapt to exploit new weaknesses, sometimes for financial gain and sometimes to disrupt operations. In this blog, we'll explore how attackers can escalate privileges via a web GUI and ultimately obtain shell access by exploiting a recently disclosed WordPress vulnerability, CVE-2025-2563 . We'll walk through the attack chain from an attacker’s perspective against a practice (non-production
Daniel Vazquez
Nov 45 min read
Automated vs Manual Pentesting
With automation and Artificial Intelligence (AI) on the rise, it's becoming increasingly important to adapt to the tools and techniques...
Aaron Henderson
Aug 263 min read
Introduction to Proving Grounds
The Proving-Grounds offers both free and paid tier levels, where users can test their skills in a lab environment similar to other platforms
Esther Matut
Aug 16, 20238 min read
Playing with Bubbles: An Introduction to DLL-Sideloading
DLL Side-Loading is a pervasive technique partially because its behavior is difficult to detect. As a sub-technique of DLL Hijacking, it ta
Erica Zelickowski
Jul 25, 20235 min read
bottom of page