top of page
Search
Exploiting User Registration and Membership Logic for Privilege Escalation (CVE-2025-2563)
As defenders patch vulnerabilities in production environments, threat actors continually adapt to exploit new weaknesses, sometimes for financial gain and sometimes to disrupt operations. In this blog, we'll explore how attackers can escalate privileges via a web GUI and ultimately obtain shell access by exploiting a recently disclosed WordPress vulnerability, CVE-2025-2563 . We'll walk through the attack chain from an attacker’s perspective against a practice (non-production
Daniel Vazquez
Nov 45 min read
Playing with Bubbles: An Introduction to DLL-Sideloading
DLL Side-Loading is a pervasive technique partially because its behavior is difficult to detect. As a sub-technique of DLL Hijacking, it ta
Erica Zelickowski
Jul 25, 20235 min read
Return to Libc: Linux Exploit Development
This blog post will cover how to conduct a ret2libc attack. The ret2libc technique is a tactic used in Linux exploit development that allows
Nihaal Prasad
Oct 5, 20216 min read
Automated Obfuscation of Windows Malware and Exploits Using O-LLVM
Today’s malware authors and exploit developers have automated methods of obfuscating their software, When these techniques are combined with
Wade Ma
Mar 3, 20209 min read
bottom of page