RCE Via Arbitrary File Upload at Open eClass
by TwelveSec Lab | January 16, 2026 | BLOG | 0 Comments
Introduction The Open eClass platform (http://www.openeclass.org) is an integrated Learning Management System (LMS). It follows the philosophy of open source software and supports a multitude of...
BoFs Are Not Dead
by George Roumeliotis | January 14, 2026 | BLOG | 0 Comments
Abstract Buffer overflow vulnerabilities remain highly relevant in embedded systems, where the absence of operating system abstractions and modern memory protection mechanisms creates conditions...
Is user training a good thing?
by Yiannis Koukouras | December 9, 2025 | BLOG | 0 Comments
In the past years, there has been a major focus on end-user training as it is considered (and rightly so) the weakest link in the cybersecurity chain. I keep hearing more and more experts (and...
The three vectors of a pentest engagement.
by Yiannis Koukouras | November 14, 2025 | BLOG | 0 Comments
There are 3 vectors that define a penetration test engagement. I. Knowledge of the attacker Blackbox The attacker has no previous knowledge of the scope, its technology stack nor the security...
Securing the Smart Future – Why IoT & Hardware Penetration Testing Is No Longer Optional
by George Roumeliotis | October 17, 2025 | BLOG | 0 Comments
Introduction: The Explosive Rise of IoT and the Hidden Risks. From smart homes and medical devices to connected factories and self-driving cars, the Internet of Things (IoT) is no longer futuristic....
