Corrupting the Hive Mind: Persistence Through Forgotten Windows Internals
Eventually after you write a tool, the time comes to make it public. That time has come for Swarmer, a tool for stealthy modification of the Windows Registry as a low privilege user. It’s been almost a year since we first deployed this technique in the wild, and given enough time has passed, it seems appropriate […]
Stealing AI Models Through the API: A Practical Model Extraction Attack
Organizations invest significant resources training proprietary machine learning (ML) models that provide competitive advantages, whether for medical imaging, fraud detection, or recommendation systems. These models represent months of R&D, specialized datasets, and hard-won domain expertise. But what if an attacker could duplicate an expensive machine learning model at a fraction of the cost? Model extraction […]
As Strong As Your Weakest Parameter: An AI Authorization Bypass
In this AI gold rush, LLMs are becoming increasingly popular with many companies rolling out AI-assisted applications. When evaluating the security posture of these applications, it’s essential to pause and ask ourselves: what are we securing? Automated security tools that test models in isolation play an important role in identifying known vulnerabilities and establishing security […]
Exploiting LLM Write Primitives: System Prompt Extraction When Chat Output Is Locked Down
Prompt injection allows attackers to manipulate LLMs into ignoring their original instructions. As organizations integrate AI assistants into their applications, many are adopting architectural constraints to mitigate this risk. One increasingly common pattern: locking chatbots into templated responses so they can’t return free-form text. This seems secure. If an LLM can’t speak freely, it can’t […]
CVE-2025-52493: When Password FieldsAren’t Enough – Client-Side SecretExposure in PagerDuty Cloud Runbook
By Mario Bartolome & Carter Ross During a recent Red Team engagement, our team at Praetorian discovered a vulnerability in PagerDuty Cloud Runbook that highlights a fundamental security principle: never trust the client with secrets. In this blog, we share details about CVE-2025-52493, a medium-severity vulnerability that exposed stored secrets to authenticated administrators through simple […]
How I Found the Worst ASP.NET Vulnerability — A $10K Bug (CVE-2025-55315)
Introduction Earlier this year, I earned a $10,000 bounty from Microsoft after discovering a critical HTTP request smuggling vulnerability in ASP.NET Core’s Kestrel server (CVE-2025-55315). The vulnerability garnered significant media attention after Microsoft assigned it a CVSS score of 9.9, the highest severity rating ever assigned to an ASP.NET Core vulnerability. This post walks through […]
Your Vulnerability Scanner Might Be Your Weakest Link
Overview Vulnerability scanners are a cornerstone of modern security programs, helping teams identify weaknesses before attackers do. But when these tools are configured with privileged credentials, they can themselves become high-value targets. In one case, while running continuous testing through our Chariot platform for a Fortune 500 financial services company, we compromised a server and […]
Domain Fronting is Dead. Long Live Domain Fronting!
Overview At Black Hat and DEF CON, we demonstrated how red teams could tunnel traffic through everyday collaboration platforms like Zoom and Microsoft Teams, effectively transforming them into covert communication channels for command-and-control. That research highlighted a critical blind spot: defenders rarely block traffic to core business services because doing so would disrupt legitimate operations. […]
The Security Time Capsule: Evolving Beyond Legacy Pen Testing
Legacy point-in-time penetration testing started in the 1960s, back when networks were static, attackers behaved like hobbyists, and change moved slowly. We live in a very different world now. The practice of annual testing was shaped for a world that no longer exists, one without dynamic cloud infrastructure, identity sprawl, or AI-accelerated threats. Yet many […]
OAuthSeeker: Leveraging OAuth Phishing for Initial Access and Lateral Movement on Red Team Engagements
Overview The Praetorian Labs team recently conducted research into potential initial access vectors for red team engagements, focusing on attack techniques leveraging malicious applications distributed through platforms like the Microsoft Store. This included OAuth applications, malicious Outlook extensions, and other types of applications that could be delivered via the Windows Store. As part of this […]