What are reverge collectors? Collectors serve as the distributed job engine for the reverge platform. Operating as a remote collection agent, it receives scanning tasks from the reverge server and executes various tools. This client-server architecture enables scalable reconnaissance operations across multiple environments while maintaining centralized coordination and data aggregation. [...]
From POC to RCE with reverge Last month, Securifera publicly launched our attack surface management tool, reverge, on the AWS Marketplace. While we’re still planning to publish blog posts and videos to guide users through setup and usage, we wanted to give an example of what reverge can do by demonstrating how [...]
Introducing Reverge: An Attack Surface Management Platform by Securifera In today’s complex digital ecosystems, organizations struggle to maintain visibility over sprawling infrastructure, cloud services, and third-party integrations. Traditional vulnerability management tools often fall short in providing real-time, actionable insight into an organization's external exposure. That’s why we’re excited to introduce Reverge, Securifera’s [...]
This article is in no way affiliated, sponsored, or endorsed with/by Okta, Inc. All graphics are being displayed under fair use for the purposes of this article. Poppin shells with Okta Verify on Windows These days I rarely have an opportunity to do bug hunting. Fortunately, over the holiday break, I [...]
This article is in no way affiliated, sponsored, or endorsed with/by Vocera Communications or Stryker Corporation. All graphics are being displayed under fair use for the purposes of this article. Quest for RCE Last year during a routine penetration test, our team came across a interesting target called Vocera Report Server [...]
This article is in no way affiliated, sponsored, or endorsed with/by Siemens Healthineers or Microsoft Corporation. All graphics are being displayed under fair use for the purposes of this article. Last year I spent some time looking for vulnerabilities in a commercial cardiovascular imaging web application called Syngo Dynamics. This product is [...]
403 to RCE in XAMPP Some of the best advice I was ever given at how to become more successful at vulnerability discovery is to always try and dig a little deeper. Whether you are a penetration tester, red teamer, or bug bounty hunter, this advice has always proven true. Far too [...]
Preface Obligatory statement: This blog post is in no way affiliated, sponsored, or endorsed with/by Synack, Inc. All graphics are being displayed under fair use for the purposes of this article. Over the last few months Synack has been running a user engagement based competition called Red vs Fed. As can be deduced [...]
A Year of Windows Privilege Escalation Bugs Earlier last year I came across an article by Provadys (now Almond) highlighting several bugs they had discovered based on research by James Forshaw of Google's Project Zero. The research focused on the exploitation of Windows elevation of privilege (EOP) vulnerabilities using NTFS [...]
Background Before I get started I want to clearly state that I am in no way affiliated, sponsored, or endorsed with/by Palo Alto Networks. All graphics are being displayed under fair use for the purposes of this article. I recently encountered several unpatched Palo Alto firewall devices during a routine red team [...]
