Henrik Falk April 02, 2026
Bypassing Code Integrity Using BYOVD for Kernel R/W Primitives
Welcome to this new Medium post, in this one we will explore a technique used in offensive security that allows us to bypass CI (Code Integrity “Policies”) by abusing a vulnerable driver.
Medium • S12 - 0x12Dark Development
Your API Has Authorization Bugs. Hadrian Finds Them.
Hadrian approaches the problem differently. It reads the API spec, loads role definitions with explicit privilege levels, and generates every attacker-victim permutation automatically. The permutation engine is the core of the tool: given an OpenAPI file with 50 endpoints and a roles file with four privilege levels, Hadrian generates and executes every relevant API authorization test without manual configuration.
Praetorian • n8n-publisher
Chaining file upload bypass and stored XSS to create admin accounts
Two medium-severity findings chained into full admin compromise on a SaaS pen test. Attack walkthrough, Docker PoC lab, and fixes.
Kurtis Baron — Offensive Security & Pen Testing • Kurtis Baron
