Build Your Own Offensive Security Lab A Step-by-Step Guide with Ludus

TL;DR: If you’re looking to set up your own lab for practicing offensive and defensive security techniques, this post is for you. In this guide, I’ll walk you through my experience with Ludus and ...

Feb 9, 2025 redteam

From Limited file read to full access on Jenkins (CVE-2024-23897)

TL;DR: As a red teamer, you encountered a Jenkins instance that is vulnerable to CVE-2024-23897, which allowed for limited arbitrary file read. Without credentials and with the /script endpoint in...

Jul 2, 2024 crypto

From Code Analysis to RCE (CVE-2023-22953)

TL;DR: In this article, I detail my journey of discovering CVE-2023-22953 through a source code review process. I explain the steps involved, including taint analysis, manual code review, runtime ...

Mar 20, 2024 codereview

SysAid On-Premise 20.1.11 - Unauthenticated RCE

Introduction In 2020, I identified a vulnerability in the “SysAid Help Desk Software”. This security flaw was significant enough to be assigned the reference CVE-2020-10569. In this article, I’ll ...

May 22, 2020 cve-2020-10569