Meet Constantine – Find Mythos-level vulnerabilities in your code. It proves them, patches them, PRs them back. Autonomously.

Sharing is Caring: SMB Secret Scanning with Sulla

TL;DR: Sulla is an open source SMB secret scanner for discovering credentials exposed in SMB shares across enterprise networks. It leverages our recently released Titus Go library, resulting in an easy-to-use, adaptable, and highly performant standalone binary. Every network penetration tester knows the struggle: reviewing network shares for sensitive material is a painful must-do. With […]

When Encryption Isn’t Really Encryption

Padlock sitting outside a transparent box exposing the credential card inside, illustrating Canon printer's broken client-side

Discovery During a recent network security assessment, we were working on an environment that was well-hardened – Patching was current, password policies were strong, and network segmentation was in place. So, as part of our enumeration of all network assets, we started looking for default credentials and this led us to multiple Canon enterprise printers […]

A Possible Solution to the Zodiac Killer Z32 Cipher

Introduction The Zodiac Killer, one of America’s most notorious unsolved serial killer cases, sent numerous encrypted messages to newspapers during his reign of terror in the late 1960s and early 1970s. While his 408-character cipher was eventually cracked, the shorter “Z32” cipher that accompanied a map of the San Francisco Bay Area has remained unsolved […]

Critical Advisory: Remote Code Execution in Next.js (CVE-2025-66478) with Working Exploit

Critical Advisory - React Next.js RCE

Date: December 4, 2025Severity: Critical (CVSS 10.0)Components: Next.js App Router & React Server Components We are alerting all customers to a critical Remote Code Execution (RCE) vulnerability affecting Next.js applications using the App Router. This vulnerability, tracked as CVE-2025-66478, stems from an upstream issue in the React Server Components (RSC) protocol (CVE-2025-55182). React provided a […]

Azure RBAC Privilege Escalations: Azure VM

Microsoft Azure provides administrators with controls to limit the actions a principal can take within the cloud environment. These actions can broadly be split into two categories: those that impact the Entra ID tenant and those that affect the Azure cloud subscription, the latter of which we will call “RBAC actions.” Prior research into Entra […]

ETW Threat Intelligence and Hardware Breakpoints

Learn to bypass EDR detection using NtContinue for hardware breakpoints without triggering ETW Threat Intelligence. This technical blog explores kernel debugging, debug registers, and EDR evasion with code examples.

Advisory: Qlik Original Fix for CVE 2023-41265 Vulnerable to RCE

Overview On August 29th, 2023 Qlik issued a patch for two vulnerabilities we identified in Qlik Sense Enterprise, CVE-2023-41265 and CVE-2023-41266. These vulnerabilities allowed for unauthenticated remote code execution via path traversal and HTTP request tunneling. As part of our standard operating procedure, we performed a diff of the issued patch to identify potential bypasses […]

Announcing Gato Version 1.5!

On January 21, 2023 at ShmooCon 2023, Praetorian open-sourced Gato (Github Attack Toolkit), a first of its kind tool that focuses on abusing offensive TTPs targeting self-hosted GitHub Actions Runners. Since then, Praetorian and other offensive security practitioners across the information security community have leveraged Gato for so much more than just self-hosted runner attacks. […]