CODE WHITE - FINEST HACKING
Intelligence Driven Security
Initial Assessment
Security Intelligence Service
About us
PUBLIC VULNERABILITY LIST
Multiple Vulnerabilities in OnlineSuite
Remote Code Execution via Deserialization of Untrusted Data in Backup & Replication
Unauthenticated Remote Code Execution via Deserialization of Untrusted Data in mediDOK
...
CAREERS
Challenge
Senior Red Teamer
Senior Penetration Tester
Vulnerability Intelligence Analyst
BLOG
Analyzing the Attack Surface of Ivanti's DSM
Teaching the Old .NET Remoting New Exploitation Tricks
Leaking ObjRefs to Exploit HTTP .NET Remoting
...
>
CODE WHITE | Red Teaming & Attack Surface Management
>
Authors
>
Kai Ullrich
About the Unsuccessful Quest for a Deserialization Gadget (or: How I found CVE-2021-21481)
Handcrafted Gadgets
SAP Customers: Make sure your SAPJVM is up-to-date!
