Blog posts
Ambionics / Web Exploitation

Owncloud: details about CVE-2023-49103 and CVE-2023-49105

Mon 04 December 2023

We provide details about CVE-2023-49103 and CVE-2023-49105

Read more
Binary Exploitation

XORtigate: Pre-authentication Remote Code Execution on Fortigate VPN (CVE-2023-27997)

Wed 14 June 2023

A pre-authentication remote code execution on Fortigate SSL VPN was discovered by Lexfo (CVE-2023-27997).

Read more
CSIRT

XORtigate: Forensics short notice (CVE-2023-27997)

Tue 13 June 2023

Some feedbacks on what we observed in Forensics with the Pre-auth RCE on Fortigate VPN (CVE-2023-27997) in our test environment.

Read more
Post Exploitation

Sshimpanzee

Fri 24 March 2023

Sshimpanzee, a reverse SSH tool with encapsulation feature.

Read more
CSIRT

Cobalt Strike Investigation - Part 2

Thu 09 March 2023

This second part will focus on the 'jump' command in Cobalt Strike, used to establish a connection from a compromised system to the command and control (C2) server.

Read more
Ambionics / Web Exploitation

Unserializable, but unreachable: Remote code execution on vBulletin

Tue 31 January 2023

Ambionics Security team discovered a pre-authentication remote code execution in vBulletin 5.6.9.

Read more