DREHSEC IT Security&Research
  • Blog
  • DREHSEC IT Security&Research
  • dreher.in
  • meme.drehsec.tk

Exchange 💔 for now and ever

  • Christopher Bleckmann-Dreher

Christopher Bleckmann-Dreher

20 Jun 2024

Drei Monate nach der #Cybersicherheitswarnung des @BSI_Bund zu #verwundbaren #Exchange-Servern (https://t.co/dbWKEr4FpR) sind aktuell noch immer mindestens 42% bzw. 18.000 der Exchange-Server mit offenem #OWA in Deutschland für eine oder mehrere #RCE-#Schwachstellen verwundbar. pic.twitter.com/LxDDaKouBX

— CERT-Bund (@certbund) June 18, 2024

Exchange on Premise, a piece of 💩 you wanna get rid of :)

Accelerating Vulnerability Research with DeepWiki: Turning GitHub Chaos into Actionable Insights

Accelerating Vulnerability Research with DeepWiki: Turning GitHub Chaos into Actionable Insights

Hey there, fellow security enthusiasts! If you've ever stared at a sprawling GitHub repository wondering where the low-hanging fruit vulnerabilities hide, you're not alone. Vulnerability research (VR) often feels like spelunking in a cave with a flickering flashlight—tedious navigation through undocumented code, tangled dependencies, and
14 Oct 2025 3 min read

💀 Owning a Cloud Dashboard: A Walkthrough of How Our Autonomous BugBounty Agent Exploited a Live Grafana Instance

When you're hunting bugs at scale, automation isn't a luxury — it's a necessity. In this write-up, I’ll walk you through one of our BugBounty Agent’s recent wins: the successful exploitation of an unsecured Grafana monitoring portal that exposed sensitive Azure credentials and
16 Apr 2025 8 min read

AI Pentest Companion

Building an AI-Powered Pentest Companion App that integrates Burp Suite's tools to assist pentesters during real-time assessments can significantly enhance productivity and efficiency. Below is an outline of how Burp Suite tools can be utilized within such an app, with relevant examples of practical implementations: 1. Proxy and
06 Apr 2025 3 min read
DREHSEC IT Security&Research © 2025
  • memegen docs
Powered by Ghost