niph's Avatar

niph

@0xniph.bsky.social

Liking colors, 🩸being my favorite but also a bit into 🧒 with the occasional β˜‚οΈ | head of red team at @codewhitesec - @niph_ on X

38 Followers  |  105 Following  |  9 Posts  |  Joined: 01.11.2024  |  1.7604

Latest posts by 0xniph.bsky.social on Bluesky


Post image

Critical zero-day vulnerability (CVE-2026-1731) in BeyondTrust Remote Support & Privileged Remote Access allows unauthenticated RCE. Immediate patching required! #CyberSecurity #ZeroDay #BeyondTrust Link: thedailytechfeed.com/critical-zer...

08.02.2026 15:01 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

Highly recommend the writeup from our @fl0mb.bsky.social and congrats on this well-deserved achievement!

05.02.2026 16:15 β€” πŸ‘ 4    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0

[RSS] Districton 1 Slides - Control the Variables and You Control the Code: Language-Level Vulnerabilities in Adobe ColdFusion


www.hoyahaxa.com ->


Original->

27.01.2026 08:10 β€” πŸ‘ 0    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0
Bypassing Windows Administrator Protection - Project Zero A headline feature introduced in the latest release of Windows 11, 25H2 is Administrator Protection. The goal of this feature is to replace User Account Cont...

No security feature is perfect. @tiraniddo.dev reviewed Windows’ new Administrator Protection and found several bypasses.

projectzero.google/2026/26/wind...

26.01.2026 17:56 β€” πŸ‘ 4    πŸ” 5    πŸ’¬ 0    πŸ“Œ 0

Crazy work by my colleague Fabian. High impact target: one might be amazed at how widespread this product is in industrial networks.

23.01.2026 12:33 β€” πŸ‘ 3    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0

25 days later, White Date is still down.

23.01.2026 15:42 β€” πŸ‘ 83    πŸ” 15    πŸ’¬ 1    πŸ“Œ 0
Preview
GitHub - bytewreck/DumpGuard: Proof-of-Concept tool for extracting NTLMv1 hashes from sessions on modern Windows systems. Proof-of-Concept tool for extracting NTLMv1 hashes from sessions on modern Windows systems. - bytewreck/DumpGuard

Proof of Concept for extracting NTLMv1 hashes from sessions on Windows (relies on the Remote Credential Guard protocol).

github.com/bytewreck/Du...

#infosec #cybersecurity #redteam #pentest #windows

24.01.2026 11:46 β€” πŸ‘ 4    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

[RSS] [Blog] Unauthenticated RCE in NetSupport Manager - A Technical Deep Dive


code-white.com ->

CVE-2025-34164, CVE-2025-34165


Original->

24.01.2026 23:10 β€” πŸ‘ 2    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
CODE WHITE | Unauthenticated RCE in NetSupport Manager - A Technical Deep Dive NetSupport Manager is a remote control and support software that we find surprisingly often utilized in sensitive *Operational Technology (OT)* environments, such as production plant networks. Besides...

You like technical deep dives into binary exploitation and crazy heap wizardry? Then you'll like our blog post about unauth'ed RCE in NetSupport Manager aka CVE-2025-34164 & CVE-2025-34165 code-white.com/blog/2026-01...

23.01.2026 12:28 β€” πŸ‘ 7    πŸ” 9    πŸ’¬ 0    πŸ“Œ 1

mfw I realize you can use C++ WINAPI COM IUIAutomation to communicate with Copilot directly and tell it do things like "execute this file" (Copilot is now Copiloting my malicious payload)

10.01.2026 00:51 β€” πŸ‘ 25    πŸ” 7    πŸ’¬ 1    πŸ“Œ 0
Preview
CODE WHITE | Public Vulnerability List Public list of vulnerabilities, found by CODE WHITE

In 2025 my colleague and me pwned several widespread medial devices. Check our vuln list for some impressions and get ready for cool blog posts and hopefully conference talks in 2026. 🀞🏻

code-white.com/public-vulne...

20.12.2025 12:34 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0
Post image

The picture below depicts a (malicious) Inbox Rule. I slightly modified this Inbox Rule to protect our customer, but the gist is that it filters incoming mail from a specific bank employee, moves it to the RSS Folder, and marks it as read.

13.12.2025 09:39 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0
Post image

bless the heart of whoever posted this and thought it sounded good, lol

12.12.2025 14:26 β€” πŸ‘ 21    πŸ” 4    πŸ’¬ 6    πŸ“Œ 0

It’s almost time for my @BSidesCapeTown talk, and I’ve just open sourced pipetap. My Windows named pipe proxy & multi-tool. Excited to see what you do with it!

github.com/sensepost/pi...

06.12.2025 13:56 β€” πŸ‘ 12    πŸ” 4    πŸ’¬ 0    πŸ“Œ 1
Preview
CODE WHITE - Applicants Challenge Applicants Challenge! Face real-world vulns, earn trophies, First Bloods & epic swag!

Our 2024 applicants challenge is officially #roasted: the full BeanBeat Γ— Maultaschenfabrikle walkthrough is now online. Unwrap the write-up at apply-if-you-can.com/walkthrough/... and revisit the hacks that escalated from cold brew to full breach.

05.12.2025 12:47 β€” πŸ‘ 6    πŸ” 6    πŸ’¬ 0    πŸ“Œ 0

Back home, time to download 15 Windows Server ISO’s via 5g to comply with the European Fair Use Roaming Policy. Not sure if this still qualifies as fair use though πŸ€”

22.11.2025 15:17 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
CODE WHITE | A Retrospective Analysis of CVE-2025-59287 in Microsoft WSUS How the n-day research for a suspected vulnerability in Microsoft WSUS (CVE-2025-59287) led to the surprising discovery of a new `SoapFormatter` vulnerability added by the Patch Tuesday updates of Oct...

Latest β‰  Greatest? A Retrospective Analysis of CVE-2025-59287 in Microsoft WSUS from our very own @mwulftange.bsky.social who loves converting n-days to 0-days code-white.com/blog/wsus-cv...

29.10.2025 13:05 β€” πŸ‘ 8    πŸ” 6    πŸ’¬ 0    πŸ“Œ 1
ULMageddon Logo

ULMageddon Logo

CODE WHITE proudly presents #ULMageddon which is our newest applicants challenge at apply-if-you-can.com packaged as a metal festival. Have fun 🀘 and #applyIfYouCan

15.09.2025 07:40 β€” πŸ‘ 6    πŸ” 7    πŸ’¬ 0    πŸ“Œ 1

pagedout.institute ← we've just released Paged Out! zine Issue #7
pagedout.institute/download/Pag... ← direct link
lulu.com/search?page=... ← prints for zine collectors
pagedout.institute/download/Pag... ← issue wallpaper
Enjoy!

Please please please share to spread the news - thank you!

04.10.2025 10:40 β€” πŸ‘ 20    πŸ” 17    πŸ’¬ 1    πŸ“Œ 3

On your way to @brucon! Are you interested in technical discussions or would you like to know what makes our company so unique? Just talk to us.

24.09.2025 04:42 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
GitHub - ZephrFish/pyLDAPGui: Python based GUI for browsing LDAP Python based GUI for browsing LDAP. Contribute to ZephrFish/pyLDAPGui development by creating an account on GitHub.

Made a thing, mucking about with python and a LDAP browser concept to ingest straight into BloodHound but also just a nice alternative to ADExplorer with fewer LDAP queries, simple LDAP browser using PyQt as a GUI and neo4j-driver to ingest into BH. github.com/ZephrFish/py... #bloodhound #redteam

13.09.2025 11:31 β€” πŸ‘ 8    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

Tech startup idea: instead of starting your car with your key, you get in, turn on the display panel, enter your password, get your phone out, open the authenticator app, enter your pin, enter the timed passcode, then open the start menu, then helpdesk, then "request engine start", then submit a tic

05.09.2025 12:30 β€” πŸ‘ 807    πŸ” 133    πŸ’¬ 50    πŸ“Œ 16
Preview
FAUST CTF 2025 | FAUST CTF 2025 FAUST CTF 2025 is an online attack-defense CTF competition run by FAUST, the CTF team of Friedrich-Alexander University Erlangen-NΓΌrnberg

We always love a good challenge. That’s why we’re sponsoring the 10th FAUST CTF. Game on at 2025.faustctf.net

28.08.2025 12:22 β€” πŸ‘ 7    πŸ” 6    πŸ’¬ 0    πŸ“Œ 0
The table of contents for Phrack 72 from phrack.org

The table of contents for Phrack 72 from phrack.org

At long last - Phrack 72 has been released online for your reading pleasure!

Check it out: phrack.org

18.08.2025 21:33 β€” πŸ‘ 121    πŸ” 63    πŸ’¬ 0    πŸ“Œ 4
Preview
GitHub - codewhitesec/NewRemotingTricks: New exploitation tricks for hardened .NET Remoting servers New exploitation tricks for hardened .NET Remoting servers - codewhitesec/NewRemotingTricks

We've added a new demo to NewRemotingTricks that makes deploying a MarshalByRefObject (e.g., WebClient) even easier: System.Lazy<T> creates an instance of T on serialization, which is probably more likely to be allowed than a XAML gadget getting through. github.com/codewhitesec...

05.08.2025 15:11 β€” πŸ‘ 4    πŸ” 4    πŸ’¬ 0    πŸ“Œ 1
Post image

We have reproduced "ToolShell", the unauthenticated exploit chain for CVE-2025-49706 + CVE-2025-49704 used by @_l0gg (on X) to pop SharePoint at #Pwn2Own Berlin 2025, it's really just one request! Kudos to @mwulftange.bsky.social

14.07.2025 13:00 β€” πŸ‘ 4    πŸ” 5    πŸ’¬ 1    πŸ“Œ 1
Video thumbnail

Tomorrow's a new month. Is your AWS bill ready?

30.06.2025 16:20 β€” πŸ‘ 35    πŸ” 3    πŸ’¬ 3    πŸ“Œ 0
CODE WHITE | Analyzing the Attack Surface of Ivanti's DSM Ivanti's Desktop & Server Management (DSM) product is an old acquaintance that we have encountered in numerous red team and internal assessments. The main purpose of the product is the centralized dis...

Yes, we're beating a dead horse. But that horse still runs in corporate networks - and quietly gives attackers the keys to the kingdom. We're publishing what’s long been exploitable. Time to talk about it. #DSM #Ivanti code-white.com/blog/ivanti-...

13.05.2025 06:45 β€” πŸ‘ 8    πŸ” 8    πŸ’¬ 0    πŸ“Œ 1
GFI MailEssentials - Yet Another .NET Target What is this product GFI MailEssentials all about? We’re living the future, right? So let’s ask the GFI AI.

My blog post on some vulns in GFI MailEssentials

frycos.github.io/vulns4free/2...

28.04.2025 17:34 β€” πŸ‘ 7    πŸ” 7    πŸ’¬ 0    πŸ“Œ 0

Ash?

18.04.2025 14:30 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

@0xniph is following 19 prominent accounts