Rich Warren
@buffaloverflow.rw.md
📤 245
📥 52
📝 6
Red Team & Offensive Security Research
@amberwolfsec.bsky.social
Clearing out the research queue in time for DEFCON, and dropping some new NachoVPN updates! 🌮🔓 Part 1: Ivanti SYSTEM RCE/LPE:
blog.amberwolf.com/blog/2025/ju...
loading . . .
https://blog.amberwolf.com/blog/2025/july/nachovpn-update---ivanti-connect-secure/
3 months ago
0
2
0
reposted by
Rich Warren
10 months ago
Some Christmas cheer with
@buffaloverflow.rw.md
. A nice bug in the URL handler for Delinea Secret Server.
blog.amberwolf.com/blog/2024/de...
loading . . .
Delinea Protocol Handler - Remote Code Execution via Update Process (CVE-2024-12908)
AmberWolf Security Research Blog
https://blog.amberwolf.com/blog/2024/december/cve-2024-12908-delinea-protocol-handler---remote-code-execution-via-update-process/
0
3
3
d3bfdeed17448756d36a326f0b7972162b7f67951df6d2004faa196444b6c5aa 🙃
11 months ago
0
1
0
For anyone mad at Palo Alto for pushing out a limited fix, just remember that other vendors (*cough* Ivanti) consider 1-click RCE from a browser .. a feature 😜
www.reddit.com/r/paloaltone...
add a skeleton here at some point
11 months ago
2
1
0
New platform, who dis? It me, and
@johnnyspandex.bsky.social
dropping some VPN client exploit freshness! 🌮🔒 Today, we're releasing NachoVPN, our VPN client exploitation tool, as presented at SANS HackFest Hollywood. Get it on the
@amberwolfsec.bsky.social
blog:
blog.amberwolf.com/blog/2024/no...
loading . . .
Introducing NachoVPN: One VPN Server to Pwn Them All
AmberWolf Security Research Blog
https://blog.amberwolf.com/blog/2024/november/introducing-nachovpn---one-vpn-server-to-pwn-them-all/
11 months ago
0
13
13
you reached the end!!
feeds!
log in
