Vulnerability Research
GhostPack Necromancy: Reforging C# Tools with WasmForge
Michelle Rhodes | | C++, EDR evasion, GhostPack, NativeAOT, Offensive Security, Red Teaming, Rubeus, Seatbelt, Tools & Techniques, Vulnerability Research, WasmForge, WebAssembly
In the previous post we walked through WasmForge, our Go-to-WebAssembly loader that takes existing signatured Go tools and ships them as opsec-safe binaries. This approach doesn’t just apply to Go, however, as ...
FreeBSoD: Leveraging Language Models to Find and Exploit Kernel Bugs (Part 1 of 2)
Michelle Rhodes | | AI Security, Claude Code, CodeQL, CVE-2026-3038, Exploit Development, FreeBSD, KASAN, Kernel Security, Offensive Security, Tools & Techniques, Vulnerability Research, zero-day
Overview: Earlier this year, a team at Praetorian was building Constantine, our automated 0-day discovery engine. I wanted to find techniques worth folding into it, so on the side I started poking ...
Centurion: Bring Your Own Execution Environment
Michelle Rhodes | | Centurion, LLM Development, Offensive Security, Red Team, security insights, Tools & Techniques, Virtualized Loader, Vulnerability Research, WasmForge
Writing my own virtualized loader is something I’ve been wanting to do since I first read Microsoft’s deep dive on FinFisher’s multi-layered VM obfuscation back in 2018. FinFisher didn’t just use one layer of ...
Enter the WasmForge: Compiling Sliver into WebAssembly
Michelle Rhodes | | AI Offensive Security, C2 development, Claude Code, EDR, EDR evasion, Labs, malware automation, Offensive Security, open source, red-team-tools, Tools & Techniques, Vulnerability Research
In our last post we used a Claude skill to systematically beat down VirusTotal detection rates on offensive security tools, with a brief mention of a new loader we’d been using to ...
When Encryption Isn’t Really Encryption
Michelle Rhodes | | CVE, CVE-2026-1789, enterprise security, IoT Security, Offensive Security, printer security, Uncategorized, Vulnerability Research
Discovery: During a recent network security assessment, we were working on an environment that was well-hardened – patching was current, password policies were strong, and network segmentation was in place. So, as ...
Your Login Page Is Lying: What AI Agents Find When They Read Your Frontend
Michelle Rhodes | | AI Security, Application Security, Attack Surface Management, Offensive Security, Red Team, security insights, Tools & Techniques, Vulnerability Research
TL;DR: Single-page applications ship their entire frontend codebase to every visitor, including unauthenticated ones. Even a login page with no visible functionality delivers JavaScript bundles containing route definitions, API endpoint URLs, authentication ...
500,000 Vulnerabilities, 14 That Matter: How Exploit Chain Analysis Cuts Through the Noise
Praetorian | | APT, Attack Chains, attack path mapping, Offensive Security, Remote Code Execution, Vulnerability Chaining, Vulnerability Research
When 500,000 Findings Hide 14 Real Threats: Modern enterprises ingest vulnerability data from dozens of sources: endpoint detection and response platforms, vulnerability scanners, cloud security posture tools, container image scanners. A large ...
The Treatment Was Successful. Unfortunately the Patient Died
Alan Shimel | | AI defensive tools, AI security agents, AI vulnerability discovery, Anthropic Mythos, automated exploit generation, core collapse theory, cyber nirvana, cybersecurity AI, cybersecurity market disruption, Glasswing, Jen Easterly, machine-speed patching, Rich Mogull, secure by design, Software Resilience, software-vulnerabilities, Vulnerability Research, Vulnpocalypse
Explore the debate between "Cyber Nirvana" and the "Vulnpocalypse" as AI tools like Anthropic’s Mythos threaten to collapse the traditional security model in a "supernova" event ...
Security Boulevard
Reflecting on Your Tier Model: CVE-2025-33073 and the One-Hop Problem
n8n-publisher | | Active Directory, CVE, CVE-2025-33073, ntlm relay, Offensive Security, SMB Signing, Unconstrained Delegation, Vulnerability Research
The False Sense of Security: SMB signing on domain controllers has become standard practice across most Active Directory environments. But this hardening may have created a false sense of security. CVE-2025-33073 changes ...
Which Came First: The System Prompt, or the RCE?
n8n-publisher | | AI agent security, AI Offensive Security, Augustus, code execution, LLM penetration testing, Offensive Security, prompt injection, Red Team, Vulnerability Research
During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude (Opus 4.5) and a third-party asset management platform. The idea is simple: instead ...

