Scanning Beyond the Patch: A Public-Interest Hunt for Hidden Shells - Disclosing.Observer
Even after patching, many edge devices remain compromised. This post explores how to ethically scan for backdoors left behind.
Way too often for various reasons, operators patch-and-forget whenever the newest edge device vulnerability is actively being exploited. I've written up some of our experience when it comes to edge device web shells and how we find them through attacker slip-ups.
disclosing.observer/2025/06/14/p...
16.06.2025 08:24 β
π 0
π 0
π¬ 0
π 0
Ready, Retain, Fire? The Quiet Fallout of U.S. Offensive Cyber Policy - Disclosing.Observer
When one nation hoards weapons, others feel compelled to follow. The U.S. posture on zero-day retention risks global insecurity through a dynamic we've seen ...
Zero-days come with responsibility, and we've learned in the past years that states donβt always live up to that responsibility. Lately, Iβve been thinking about how one government in particular handles themβ¦
Brain dump here, any feedback and discussion welcome!
disclosing.observer/2025/05/30/u...
30.05.2025 20:56 β
π 2
π 0
π¬ 0
π 0
Not really one to make frequent posts. But with the continuous decline of Twitter/X, I figured I might as well give this a go.
A nice way to start would be with the news that I'll be speaking at both USENIX Security in Seattle and the ONE Conference in The Hague this year, in case anyone is around!
28.05.2025 20:53 β
π 4
π 0
π¬ 1
π 0
