The Kill Chain models how an attack succeeds. The Attack Helix models how the offensive baseline improves. The Tipping Point One person. Two AI subscriptions. Ten government agencies. 150 gigabytes of sovereign data. In December of 2025, a single unidentified operator used Anthropic’s Claude and OpenAI’s ChatGPT to breach the Mexican ... Read More

From LLM Fingerprinting to LLM Prompt Injection Last month we released Julius, a tool that answers the question: “what LLM service is running on this endpoint?” Julius identifies the infrastructure. But identification is only the first step. The natural follow-up: “now that I know what’s running, how do I test ... Read More

Executive Summary The primary bottleneck in autonomous software development is not model intelligence, but context management and architectural determinism. Current “Agentic” approaches fail at scale because they rely on probabilistic guidance (prompts) for deterministic engineering tasks (builds, security, state management). Furthermore, the linear cost of token consumption versus the non-linear degradation of model ... Read More

We are excited to announce the release of Goffloader, a pure Go implementation of an in-memory COFFLoader and PE loader. This tool is designed to facilitate the easy execution of Cobalt Strike BOFs and unmanaged PE files directly in memory without writing any files to disk. Goffloader aims to take ... Read More

Introduction Recently researcher Steven Seeley discovered a way to abuse the popular Apache Struts frameworks’ file upload functionality to achieve remote code execution. This bug, known as CVE-2023-50164, has been assigned a 9.8 CVSS score. No doubt this is causing some security practitioners to have flashbacks of the “good times” ... Read More

Cryptographic weaknesses often arise in applications when the core security concepts are misunderstood or misused by developers. For this reason, a thorough review of all cryptographic implementations can be a juicy target when designing an application or starting a security assessment. Often, cryptography is used in the context of communication ... Read More

Overview Recently I’ve been working on writing a custom SMB client that implements the initial handshake and NTLM authentication functionality to perform port fingerprinting within Chariot Identify, our attack surface management product. While reading through the SMB specification, I got to thinking about Computer AdminTo Computer vulnerabilities we have exploited ... Read More

Introduction Azure has an insecure default guest user setting, and your organization is probably using it. The default settings Azure provides would allow any user within the organization (including guest users) to invite guest users from any domain, bypassing any central identity management solutions (e.g. Okta, Auth0) and onboarding processes ... Read More

Background On March 30, 2022, Praetorian published remediation details for a remote code execution vulnerability for Spring Core on JDK9+ (CVE-2022-22965). A patch for vulnerable systems is now available and Praetorian has notified those affected through our Chariot offering. Hunting Opportunities Covering all our bases this early in the disclosure ... Read More

Overview Spring Core on JDK9+ is vulnerable to remote code execution due to a bypass for CVE-2010-1622. At the time of writing, this vulnerability is unpatched in Spring Framework and there is a public proof-of-concept available. As we have remediation advice for customers (see below), we have elected to share ... Read More