Flomb's Avatar

Flomb

@fl0mb.bsky.social

https://blog.flomb.net https://x.com/flomb_

85 Followers  |  1,019 Following  |  6 Posts  |  Joined: 02.12.2024
Posts Following

Posts by Flomb (@fl0mb.bsky.social)

Preview
Top 10 web hacking techniques of 2025 Welcome to the Top 10 Web Hacking Techniques of 2025, the 19th edition of our annual community-powered effort to identify the most innovative must-read web security research published in the last year

Incredibly excited to share that my research 'Playing with HTTP/2 CONNECT' made the final @portswigger.net
Top 10 Web Hacking Techniques of 2025!

A huge thank you to everyone who voted. It’s a privilege to be featured alongside such talented researchers.
portswigger.net/research/top...

05.02.2026 16:10 β€” πŸ‘ 4    πŸ” 0    πŸ’¬ 0    πŸ“Œ 1
Preview
CODE WHITE | Unauthenticated RCE in NetSupport Manager - A Technical Deep Dive NetSupport Manager is a remote control and support software that we find surprisingly often utilized in sensitive *Operational Technology (OT)* environments, such as production plant networks. Besides...

You like technical deep dives into binary exploitation and crazy heap wizardry? Then you'll like our blog post about unauth'ed RCE in NetSupport Manager aka CVE-2025-34164 & CVE-2025-34165 code-white.com/blog/2026-01...

23.01.2026 12:28 β€” πŸ‘ 7    πŸ” 9    πŸ’¬ 0    πŸ“Œ 1
Preview
Top 10 web hacking techniques of 2025 Welcome to the community vote for the Top 10 Web Hacking Techniques of 2025.

Honored to be nominated for the @portswigger.net Top 10 Web Hacking Techniques 2025 with my research "Playing with HTTP/2 CONNECT".

Make sure to check out the full list and cast your vote!

portswigger.net/polls/top-10...

19.01.2026 11:34 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
TIL: SNI-Based Auto Certificate Generation Is a Thing I recently stumbled upon a great writeup which explained how it is possible to get a SSRF from SNI to hit the Azure VM Instance Metadata Service(IMDS). Inspired, I started scanning for this behaviour ...

blog.flomb.net/posts/autotls/

31.12.2025 11:25 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Tekton Dashboard RCE and Kubernetes API Proxy This is the story of how I found two vulnerabilities in the Tekton CI/CD Dashboard component that allow remote code execution and a potential node takeover if deployed in read/write mode as well as pr...

blog.flomb.net/posts/tekton/

31.12.2025 11:25 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Playing with HTTP/2 CONNECT In HTTP/1, the CONNECT method instructs a proxy to establish a TCP tunnel to a requested target. Once the tunnel is up, the proxy blindly forwards raw traffic in both directions. This mechanism is mos...

blog.flomb.net/posts/http2c...

15.09.2025 17:49 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
FAUST CTF 2025 | FAUST CTF 2025 FAUST CTF 2025 is an online attack-defense CTF competition run by FAUST, the CTF team of Friedrich-Alexander University Erlangen-NΓΌrnberg

We always love a good challenge. That’s why we’re sponsoring the 10th FAUST CTF. Game on at 2025.faustctf.net

28.08.2025 12:22 β€” πŸ‘ 7    πŸ” 6    πŸ’¬ 0    πŸ“Œ 0
Preview
OBS WebSocket to RCE | Jorian Woltjer Disabling password authentication of your OBS WebSocket server can have devastating consequences. We'll attack from the browser to construct an RCE payload on Windows formed from the pixels of an imag...

Just pushed a new frontend for my site, and a new post!
This one's about an tricky file write vulnerability on Windows in OBS. By crafting an image with very specific pixels, we can plant a backdoor on your PC all from an attacker's site by misconfiguring:
jorianwoltjer.com/blog/p/resea...

05.06.2025 18:48 β€” πŸ‘ 5    πŸ” 2    πŸ’¬ 1    πŸ“Œ 0
MrBruh's Epic Blog One-Click RCE in ASUS’s Preinstalled Driver Software Introduction This story begins with a conversation about new PC parts. After ignoring the advice from my friend, I bought a new ASUS motherboard fo...

One-Click RCE in ASUS’s Preinstalled Driver Software
mrbruh.com/asusdriverhub/

11.05.2025 05:07 β€” πŸ‘ 6    πŸ” 4    πŸ’¬ 0    πŸ“Œ 0
CODE WHITE | Analyzing the Attack Surface of Ivanti's DSM Ivanti's Desktop & Server Management (DSM) product is an old acquaintance that we have encountered in numerous red team and internal assessments. The main purpose of the product is the centralized dis...

Yes, we're beating a dead horse. But that horse still runs in corporate networks - and quietly gives attackers the keys to the kingdom. We're publishing what’s long been exploitable. Time to talk about it. #DSM #Ivanti code-white.com/blog/ivanti-...

13.05.2025 06:45 β€” πŸ‘ 8    πŸ” 8    πŸ’¬ 0    πŸ“Œ 1
GFI MailEssentials - Yet Another .NET Target What is this product GFI MailEssentials all about? We’re living the future, right? So let’s ask the GFI AI.

My blog post on some vulns in GFI MailEssentials

frycos.github.io/vulns4free/2...

28.04.2025 17:34 β€” πŸ‘ 7    πŸ” 7    πŸ’¬ 0    πŸ“Œ 0
Exploiting IngressNightmare: A Deep Dive Wiz recently discovered an unauthenticated remote code execution (RCE) vulnerability in the Ingress NGINX admission controller. I found the exploit chain particularly intriguing and decided to recreat...

blog.flomb.net/posts/ingres...

31.03.2025 14:28 β€” πŸ‘ 5    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0
Walkthrough 2023

Ever wondered how Kurts Maultaschenfabrikle got hacked in 2023? The full story, all technical details, out now ;-) apply-if-you-can.com/walkthrough/...

21.02.2025 10:31 β€” πŸ‘ 7    πŸ” 10    πŸ’¬ 0    πŸ“Œ 0