From POC to RCE with reverge

Last month, Securifera publicly launched our attack surface management tool, reverge, on the AWS Marketplace. While we’re still planning to publish blog posts and videos to guide users through setup and usage, we wanted to give an example of what reverge can do by demonstrating how [...]

June 9th, 2025 | BUG BOUNTY, EXPLOITS, PENTESTING, RED TEAM

Introducing Reverge

Introducing Reverge: An Attack Surface Management Platform by Securifera
In today’s complex digital ecosystems, organizations struggle to maintain visibility over sprawling infrastructure, cloud services, and third-party integrations. Traditional vulnerability management tools often fall short in providing real-time, actionable insight into an organization's external exposure. That’s why we’re excited to introduce Reverge, Securifera’s [...]

May 14th, 2025 | BUG BOUNTY, PENTESTING, SECURIFERA

Okta Verify for Windows Remote Code Execution – CVE-2024-0980

This article is in no way affiliated, sponsored, or endorsed with/by Okta, Inc. All graphics are being displayed under fair use for the purposes of this article.
Poppin shells with Okta Verify on Windows
These days I rarely have an opportunity to do bug hunting. Fortunately, over the holiday break, I [...]

May 2nd, 2024 | BUG BOUNTY, EXPLOITS

Vocera Report Server Pwnage

This article is in no way affiliated, sponsored, or endorsed with/by Vocera Communications or Stryker Corporation. All graphics are being displayed under fair use for the purposes of this article.
Quest for RCE
Last year during a routine penetration test, our team came across an interesting target called Vocera Report Server [...]

April 24th, 2023 | BUG BOUNTY, EXPLOITS, PENTESTING

Attacking .NET Web Services

This article is in no way affiliated, sponsored, or endorsed with/by Siemens Healthineers or Microsoft Corporation. All graphics are being displayed under fair use for the purposes of this article. Last year I spent some time looking for vulnerabilities in a commercial cardiovascular imaging web application called Syngo Dynamics. This product is [...]

March 6th, 2023 | BUG BOUNTY, EXPLOITS, PENTESTING

Synack – Red Vs Fed Competition 2020

Preface
Obligatory statement: This blog post is in no way affiliated, sponsored, or endorsed with/by Synack, Inc. All graphics are being displayed under fair use for the purposes of this article. Over the last few months Synack has been running a user engagement based competition called Red vs Fed. As can be deduced [...]

June 25th, 2020 | BUG BOUNTY, EXPLOITS, PENTESTING

A Year of Windows Privilege Escalation Bugs

Earlier last year I came across an article by Provadys (now Almond) highlighting several bugs they had discovered based on research by James Forshaw of Google's Project Zero. The research focused on the exploitation of Windows elevation of privilege (EOP) vulnerabilities using NTFS [...]

March 12th, 2020 | BUG BOUNTY, EXPLOITS, PENTESTING

PreAuth RCE on Palo Alto GlobalProtect Part II (CVE-2019-1579)

Background
Before I get started I want to clearly state that I am in no way affiliated, sponsored, or endorsed with/by Palo Alto Networks. All graphics are being displayed under fair use for the purposes of this article. I recently encountered several unpatched Palo Alto firewall devices during a routine red team [...]

September 10th, 2019 | BUG BOUNTY, EXPLOITS