Blog posts
Ambionics / Web Exploitation

Laravel <= v8.4.2 debug mode: Remote code execution

Tue 12 January 2021

Ambionics Security team discovered an RCE in Laravel, when the framework is in debug mode.

Read more
Ambionics / Web Exploitation

Remote code execution on Sqreen: exploiting the microagent

Thu 19 November 2020

Ambionics Security team discovered a heap overflow that results in remote code execution on Sqreen's microagent.

Read more
Ambionics / Web Exploitation

Secret fragments: Remote code execution on Symfony based websites

Mon 19 October 2020

Remote code execution using Symfony's _fragment's page and unsecure secret values.

Read more
Malware Analysis

Lockbit analysis

Fri 02 October 2020

This article is a deep dive into the IOCP and encryption process from LockBit in depth.

Read more
Binary Exploitation

Pentesting a banking FTP service

Tue 24 March 2020

This articles intends to bring an exploitation scenario encountered during a common penetration test.

Read more
Malware Analysis

Whitepaper: The Lazarus Constellation - A study on North-Korean malware

Mon 09 March 2020

In this whitepaper, Lexfo analyses Lazarus malwares, from their motives, to their detection and mitigation, through their techniques, tactics, procedures.

Read more