Atredis is a 100% worker-owned team of world-class security researchers and consultants. We do risk-centric, research-driven security testing and consulting. https://atredis.com
Atredis Partners
Loading...
"Bad News for the Average Pentester" ... But who wants to be average?
Here's some thoughts from Shawn on why Human-Powered Pentesting is here to stay.
www.atredis.com/blog/2026/5/...
Say Cheese, Computer!
Designing a Sensor for Passive Detection of iPhone TrueDepth LiDAR
www.atredis.com/blog/2025/11/20/designing-a-passive-lidar-detection-sensor
Atredis identified a vulnerability in the way Rapid7's Nexpose was generating passwords to protect its Java KeyStore which is used to encrypt saved credentials. This vulnerability was reported to Rapid7 and a patch is being rolled out today! Check out the details here: github.com/atredispartn...
Last week, hardware. This week, firmware! Sam is back with a deep dive into his LiDAR Detector and demos a couple prototypes! www.atredis.com/blog/2025/12...
Let's Hack Something Cute! A Reverse Engineering Journey into the Drawbot with Jessie www.atredis.com/blog/2025/9/...
Check out our latest blog from Matt Burch (@emptynebuli.bsky.social ) detailing new supplemental findings from his DefCon32 talk Where's the Money: Defeating ATM Disk Encryption: www.atredis.com/blog/2025/8/26/24nrgne4dqbwjxyip7txn8ep6zj057
We decided to revisit an old research problem with some new LLM powered tooling. Check out our latest blog post to see how we approached this research, and the new Java deserialization gadget chains it discovered in just two days! www.atredis.com/blog/2026/3/12/findings-gadgets-like-its-2026
Command & Conquer'd: worming RCEs through a classic multiplayer game. Check out the full writeup from our @districtcon.bsky.social Junkyard submission here:
www.atredis.com/blog/2026/1/...
By @droner.bsky.social and @jordan9001.bsky.social
#Security #modding #rce
On a recent engagement, we exploited a previously disclosed privilege escalation bug in Tenable's Nessus Agent. No public PoC was available, so we made one; check it out here github.com/atredispartn...
In case you missed it, be sure to watch Atredian Matt Burch's (@emptynebuli.bsky.social) #HackSpaceCon talk, Where's the Money: Defeating ATM Disk Encryption! buff.ly/RqUmthH
Atredis Partners
Atredis Partners
Atredis Partners
Atredis Partners
[this work was conducted collaboratively by Bryan Alexander and Jordan Whitehead] This post details several vulnerabilities discovered in the popular online game Command & Conquer: Generals. We…
