How missing authorization checks in Zammad's REST API let agents execute group-restricted AI text tools and inject unauthorized ticket context into AI prompts.
Bypassing Wazuh's UNC Mitigation in Windows OSQuery via \\?\UNC\ (CVE-2025-30201 / GHSA-x697-jf34-gp5x)
How I bypassed Wazuh's UNC path mitigation in Windows OSQuery using extended-length UNC paths (\\?\UNC\), leaking NetNTLMv2 hashes despite the original CVE-2025-30201 fix.
Detecting the Notepad++ Supply Chain Attack: A PowerShell Triage Script
A PowerShell-based triage script to check systems for indicators of compromise related to the Notepad++ supply chain attack attributed to Lotus Blossom APT.
Combating Misinformation Through Geolocation: Colombian Trucker vs. Wind Energy
A Facebook video claimed to show wind turbine transport to Colombia. Using OSINT techniques, we traced it to Oklahoma, USA – here's how.
Custom Admin Notifications for New Intune Enrollments
Intune lacks native admin alerts for new enrollments. This script fixes that – using Entra, Microsoft Graph API, and a simple Linux setup.
Gralhix OSINT exercise 005 walkthrough
Geolocating a polar bear livestream screenshot: from reverse image search to exact coordinates using Google Earth, Street View, and historical weather data.