Toolkit Posts

LEXSS: Bypassing Lexical Parsing Security Controls
Bad Pods: Kubernetes Pod Privilege Escalation
Lessons Learned on Brute-forcing RMI-IIOP With RMIScout
How to Set Up Your Hardware Lab
RMIScout: Safely and Quickly Brute-Force Java RMI Interfaces for Code Execution
GadgetProbe: Exploiting Deserialization to Brute-Force the Remote Classpath
Dufflebag: Uncovering Secrets in Exposed EBS Volumes
EYEBALLER
ZIGDIGGITY
SLIVER