Reaper - https://t.co/uDkmfpN3Mv
Reaper was created to give appsec analysts, pentesters, and bug bounty hunters a single, razor-sharp tool that brings together every phase of application security testing into one efficient workflow. It slashes through the manual, time-intensive steps required to uncover application vulnerabilities, exorcising the lingering demons of application security.
While existing tools like Burp Suite, Zap, Subfinder, and Katana tackle individual stages of the testing lifecycle well, Reaper wields a scythe where others use scissors, stitching the entire process back together with cutting-edge technology.
Built for orchestration by both humans and AI, Reaper transforms appsec testing into a streamlined, high-speed process. LLM-powered AI Agents step in as tireless team members, mowing through tedious tasks that would take hours for a human analyst in mere seconds. Picture having a teammate who never sleeps, understands the depths of application security, and works at lightning speed assisting with test parameter tuning, data analysis, findings summaries, and reporting.
If you need to generate a target-specific wordlist, make sure to check out @xnl_h4ck3r GAP extension.
It will scan for sus parameters and generate you a complete wordlist with one click of a button. See it in action 👇
The watchTowr Labs team is back, providing our full analysis of the Oracle E-Business Suite Pre-Auth RCE exploit chain (CVE-2025-61882).
Enjoy with us (or cry, your choice..)
https://t.co/ffDKb723N6
Our client base has been feeding us rumours about in-the-wild exploited SonicWall SMA n-days (CVE-2023-44221, CVE-2024-38475) for a while...
Given these are now CISA KEV, enjoy our now public analysis and reproduction :-)
https://t.co/W3zR5YRifJ
I’m excited to introduce Namespace Confusion, a novel attack discovered during Gareth's and mySAML Roulette: The Hacker Always Wins research. We uncovered a brutal attack on XML signature validation that destroys authentication in Ruby-SAML!
In 2024, I interacted a lot with Extensions.
I decided to create a resource that will help with a basic understanding of extensions and key attacks.
P.S. I tried to make everything as clear as possible and hope it won’t feel too overwhelming anywhere.
https://t.co/mnI255djn8
🔥 The "impossible" XXE in PHP? Not so impossible anymore.
Our researcher Aleksandr Zhurnakov discovered an interesting combination of PHP wrappers and a feature of XML parsing in libxml2 to exploit it.
Read: https://t.co/GuW2Vf5qLN
Good news! I've uploaded a new post about the most complex and beautiful vulnerability I've ever found, involving patching and uploading deprecated .jar libraries to get RCE on a big target. It's a very technical post, but I hope you like it ! :)
https://t.co/IzHI0tNVIv
My videos for Flare-On 2024 are live! Watch me reverse engineer all the challenges from start to end.
+ Commentary video featuring @SuperFashi1, where we review the chals together.
* 45 hours of content
* 400+ GB of raw footage
Merry Christmas! https://t.co/bZnqWCEXNj
We have just published our AttackerKB @rapid7 Analysis for CVE-2024-47575, the recent FortiManager 0day, aka FortiJump 🔥 Read our full technical analysis; detailing firmware decryption, protocol analysis, and unauthenticated RCE 🚀 https://t.co/axuhj0kMuN
Ya tenemos ganador de la última #HackerNight, la cual hicimos con la colaboración de @YogoshaOfficial y en la que Rooted ha añadido 3.000€ adicionales. Enhorabuena @AymenBorgi por encontrar la mejor vulnerabilidad.🥳👏
Y gracias a todos los que participasteis. ¡Nos vemos en la siguiente #RootedCON!
__________
We have a winner of the latest #HackerNight, which we organized in collaboration with @YogoshaOfficial, and where Rooted added an additional €3,000. Congratulations to @AymenBorgi for finding the best vulnerability. 🥳👏
And thank you to everyone who participated. See you at the next #RootedCON!
During a recent CTF, one participant found a particularly interesting solution to my challenge. The goal was to send multiple CSRF requests with SameSite=Lax from 1 visit.
Normally, a form sends you to the page you are posting to and you cannot send any more CSRF requests. (1/4)
new blogpost time!!
this one's a fun writeup on a vulnerability chain i found across multiple google services that earned me a $4133.70 bounty
lots of fun css as usual! i had to recreate a bunch of drive/docs/gmail/youtube UIs c:
have fun!
https://t.co/64ZAIVHoSO
🔥 XSS on any website with missing charset information? 😳
Attackers may leverage the ISO-2022-JP character encoding to inject arbitrary JavaScript code into a website. Read more in our latest blog post:
https://t.co/Ji3V0fK5b6
#appsec#security#vulnerability
After months of work (and bugs), @maxenceschmitt has finally released his fabulous research. Exploiting Client-Side Path Traversal to Perform Cross-Site Request Forgery or #CSPT2CSRF.
Full paper here: https://t.co/vXjkZBq35Q
Summary in https://t.co/aOQfr6qD8s
🚀 Finally released the details of the MikroTik RouterOS exploit that won us the Master of Pwn at #Pwn2Own Toronto 2022! 🎖
Curious about how we did it? Check out the latest blog revealing the attack chain:
https://t.co/e2rLy7khdo
CVE-2024-30043: @chudyPB details this #SharePoint XXE he discovered. He calls it one of the craziest XXEs he has ever seen, both in terms of vuln discovery and the method of triggering. He shows how it can be used for info disclosure & NTLM relaying. https://t.co/BzUDEE5Cy8
🧧 Our researcher Igor Sak-Sakovskiy has discovered an XXE in Chrome and Safari by ChatGPT!
Bounty: $28,000 💸
Here is the write-up 👉
https://t.co/EMnydNEoed
A writeup analysis of a simple logical vulnerability at @googlechrome for which @GoogleVRP paid me $16,000.
Link: https://t.co/YMpxGVQCSo
P.S. I have very few subscribers, so I am grateful for every repost
#0day#Chrome#GoogleVRP#CVE