• SSRF on Sliver C2 teamserver via spoofed implant callback (CVE-2025-27090) Feb 19, 2025 - 13 min read
• Unauthenticated RCE on a BYOB via arbitrary file write (CVE-2024-45256) Aug 15, 2024 - 6 min read
• Unauthenticated SSRF on Havoc C2 teamserver via spoofed demon agent (CVE-2024-4157) Jul 13, 2024 - 20 min read