We always love a good challenge. That’s why we’re sponsoring the 10th FAUST CTF. Game on at 2025.faustctf.net
You like technical deep dives into binary exploitation and crazy heap wizardry? Then you'll like our blog post about unauth'ed RCE in NetSupport Manager aka CVE-2025-34164 & CVE-2025-34165 code-white.com/blog/2026-01...
Yes, we're beating a dead horse. But that horse still runs in corporate networks - and quietly gives attackers the keys to the kingdom. We're publishing what’s long been exploitable. Time to talk about it. #DSM #Ivanti code-white.com/blog/ivanti-...
NetSupport Manager is a remote control and support software that we find surprisingly often utilized in sensitive *Operational Technology (OT)* environments, such as production plant networks. Besides...
code-white.com
2025.faustctf.net
FAUST CTF 2025 is an online attack-defense CTF competition run by FAUST, the CTF team of
Friedrich-Alexander University Erlangen-Nürnberg
Ivanti's Desktop & Server Management (DSM) product is an old acquaintance that we have encountered in numerous red team and
internal assessments. The main purpose of the product is the centralized dis...
Highly recommend the writeup from our @fl0mb.bsky.social and congrats on this well-deserved achievement!
Latest ≠ Greatest? A Retrospective Analysis of CVE-2025-59287 in Microsoft WSUS from our very own @mwulftange.bsky.social who loves converting n-days to 0-days code-white.com/blog/wsus-cv...
To clarify: we did not discover these bugs - all credit goes to @_l0gg (on X). We diffed the patches, quickly built a working exploit internally (and identified another auth bypass afterwards)
Our 2024 applicants challenge is officially #roasted: the full BeanBeat × Maultaschenfabrikle walkthrough is now online. Unwrap the write-up at apply-if-you-can.com/walkthrough/... and revisit the hacks that escalated from cold brew to full breach.
