Tools & Techniques

Centurion: Bring Your Own Execution Environment

Centurion: Bring Your Own Execution Environment

| | Centurion, LLM Development, Offensive Security, Red Team, security insights, Tools & Techniques, Virtualized Loader, Vulnerability Research, WasmForge
Writing my own virtualized loader is something I’ve been wanting to do since I first read Microsoft’s deep dive on FinFisher’s multi-layered VM obfuscation back in 2018. FinFisher didn’t just use one layer of ...
Offensive Security Blog: Latest Trends in Hacking | Praetorian
Enter the WasmForge: Compiling Sliver into WebAssembly

Enter the WasmForge: Compiling Sliver into WebAssembly

| | AI Offensive Security, C2 development, Claude Code, EDR, EDR evasion, Labs, malware automation, Offensive Security, open source, red-team-tools, Tools & Techniques, Vulnerability Research
In our last post we used a Claude skill to systematically beat down VirusTotal detection rates on offensive security tools, with a brief mention of a new loader we’d been using to ...
Offensive Security Blog: Latest Trends in Hacking | Praetorian
Adversarial Oracles: LLM-Guided EDR Signature Reduction

Adversarial Oracles: LLM-Guided EDR Signature Reduction

| | adversarial, AI Security, Offensive Security, open source, Red Team, Static Analysis, Tools & Techniques
In previous blog posts we’ve talked about getting nerd sniped. Today we’re going to talk about a kind of nerd sniping that any offensive security tool creator is familiar with; when your ...
Offensive Security Blog: Latest Trends in Hacking | Praetorian
Your Login Page Is Lying: What AI Agents Find When They Read Your Frontend

Your Login Page Is Lying: What AI Agents Find When They Read Your Frontend

| | AI Security, Application Security, Attack Surface Management, Offensive Security, Red Team, security insights, Tools & Techniques, Vulnerability Research
TL;DR: Single-page applications ship their entire frontend codebase to every visitor, including unauthenticated ones. Even a login page with no visible functionality delivers JavaScript bundles containing route definitions, API endpoint URLs, authentication ...
Offensive Security Blog: Latest Trends in Hacking | Praetorian
Meet Vespasian. It Sees What Static Analysis Can’t.

Meet Vespasian. It Sees What Static Analysis Can’t.

| | API security, Application Security, Burp Suite, graphql, Offensive Security, Open Source Tools, openapi, Penetration Testing, Praetorian Guard Platform, Tools & Techniques, Vespasian
Praetorian is excited to announce the release of Vespasian, a probabilistic API endpoint discovery, enumeration, and analysis tool. Vespasian watches real HTTP traffic from a headless browser or your existing proxy captures ...
Offensive Security Blog: Latest Trends in Hacking | Praetorian
Flowchart showing attack steps from anonymous attacker discovering target via Shodan to creating developer account and exfiltrating data

Azure APIM Signup Bypass: 97.9% of Developer Portals Still Exploitable Anonymously and from the Internet

| | API Management Security, API security, authentication bypass, Azure APIM, Azure security, Cloud Security, Cross-Tenant Attack, Developer Portal, Internet-Facing Vulnerability, Microsoft Azure, MSRC Response, Offensive Security, open source, Tools & Techniques, Vulnerability Research
The Azure APIM signup bypass is a critical vulnerability affecting 97.9% of internet-facing Developer Portals. Azure API Management (APIM) exposes APIs to external consumers through a Developer Portal, the interface where developers ...
Offensive Security Blog: Latest Trends in Hacking | Praetorian
Dialog box showing localhost URL file-processing.local:8080 with file-processing.local text and cyan OK button

When HttpOnly Isn’t Enough: Chaining XSS and GhostScript for Full RCE Compromise

| | Application Security, CVE, Offensive Security, Tools & Techniques, Vulnerability Research
What started as a standard cross-site scripting vulnerability in a document processing platform turned into a full administrative takeover of the application and, ultimately, remote code execution on the underlying server. The ...
Offensive Security Blog: Latest Trends in Hacking | Praetorian
Terminal window showing Augustus Hydra scan results with attacker-target conversation about lock picking, displaying scores and SUCCESS/FAIL status

Augustus v0.0.9: Multi-Turn Attacks for LLMs That Fight Back

| | AI Security, Augustus, GPT-4o, jailbreak, Labs, LLM Red Teaming, Multi-Turn Attacks, Offensive Security, open source, Open Source Tools, security insights, Tools & Techniques
Single-turn jailbreaks are getting caught. Guardrails have matured. The easy wins — “ignore previous instructions,” base64-encoded payloads, DAN prompts — trigger refusals on most production models within milliseconds. But real attackers don’t ...
Offensive Security Blog: Latest Trends in Hacking | Praetorian
DEF CON 24 - Linuz, Medic - Sticky Keys To The Kingdom: Pre auth RCE

Et Tu, RDP? Detecting Sticky Keys Backdoors with Brutus and WebAssembly

| | Offensive Security, open source, Open Source Tools, Tools & Techniques, Vulnerability Research
Everyone knows that one person on the team who’s inexplicably lucky, the one who stumbles upon a random vulnerability seemingly by chance. A few days ago, my coworker Michael Weber was telling ...
Offensive Security Blog: Latest Trends in Hacking | Praetorian
⚠

Mapping the Unknown: Introducing Pius for Organizational Asset Discovery

| | Attack Surface Management, Offensive Security, open source, Open Source Tools, Red Team, Tools & Techniques, Uncategorized
Asset discovery is an essential part of Praetorian’s service delivery process. When we are engaged to carry out continuous external penetration testing, one key action is to build and maintain a thorough ...
Offensive Security Blog: Latest Trends in Hacking | Praetorian
Load more