Technical Research

Technical Research

Analysis and Exploitation of CVE-2023-3519

Aug 4, 2023

Our latest blog offers additional analysis and exploitation of CVE-2023-3519, a critical remote code execution vulnerability in Citrix ADC.

By Caleb Gross

Technical Research

Breaking Fortinet Firmware Encryption

Aug 2, 2023

Check out our latest research on Fortinet products that breaks encryption on firmware images, leading to improved detection, fingerprinting, and exploit development.

By Jon Williams

Technical Research

Citrix ADC Gateway RCE: CVE-2023-3519 is Exploitable, and 53% of Servers Are Unpatched

Jul 21, 2023

Bishop Fox developed an exploit for CVE-2023-3519, a stack overflow in Citrix ADC Gateway that allows remote code execution. There are 61,000 affected appliances exposed on the internet, and roughly 53% of them are currently unpatched.

By Caleb Gross, Jon Williams

Technical Research

Introducing jsluice: The Why Behind JavaScript Gold Mining (Part 1)

Jul 20, 2023

Learn how to use jsluice, an open-source Go package and command-line tool used to extract information from JavaScript files and code.

By Tom Hudson

Technical Research

Introducing jsluice: A Technical Deep-Dive for JavaScript Gold (Part 2)

Jul 20, 2023

Join us for a technical deep-dive of jsluice, an open-source mining tool for JavaScript code and files.

By Tom Hudson

Technical Research

CVE-2023-27997 Is Exploitable, and 69% of FortiGate Firewalls Are Vulnerable

Jun 30, 2023

Check out our latest analysis of CVE-2023-27997, a heap overflow in FortiOS, the operating system behind FortiGate firewalls, that allows remote code execution.

By Caleb Gross

Technical Research

CVE-2023-27997 Vulnerability Scanner for FortiGate Firewalls

Jun 20, 2023

Use our latest vulnerability assessment tool to check for CVE-2023-27997, a vulnerability in FortiGate firewalls.

By Caleb Gross

Technical Research

Introducing CloudFoxable: A Gamified Cloud Hacking Sandbox

Jun 13, 2023

Introducing CloudFoxable, an intentionally vulnerable AWS environment created specifically to teach the art of AWS cloud penetration testing, while highlighting CloudFox to help find latent attack paths more effectively.

By Seth Art

Technical Research

Power Up Your Pen Tests: Creating Burp Suite Extensions with the New Montoya API

May 25, 2023

Learn how to power up your pen tests by using the new Montoya API to create Burp Suite extensions from scratch.

By Christopher Cerne

Technical Research

A More Complete Exploit for Fortinet CVE-2022-42475

May 17, 2023

Learn about our unique research focused on CVE-2022-42475 and how an exploit can be built to target a single specific FortiGate appliance running a single specific version of FortiOS.

By Carl Livitt, Jon Williams

Technical Research

What the Vuln: EDR Bypass with LoLBins

Mar 23, 2023

Learn more about EDR bypass techniques with Lindsay Von Tish in the second blog of our What the Vuln series.

By Lindsay Von Tish

Technical Research

What the Vuln: Zimbra

Feb 21, 2023

Take a deep dive into the Zimbra Zip Path Traversal vulnerability with Carlos Yanez in the first blog of our What the Vuln series.

By Carlos Yanez

Technical Research

Spoofy: An Email Domain Spoofing Tool

Feb 1, 2023

In this blog, take a deep dive into Spoofy, an open-source tool that offers bulk domain lookup based on DMARC and SPF records.

By Matt Keeley

Technical Research

Cloud Penetration: Not Your Typical Internal Testing

Jan 10, 2023

Learn what it is like to be a cloud penetration tester from our expert, Seth Art.

By Seth Art

Technical Research

160K COVID-19 Records: Vulnerability in Avicena Medical Laboratory

Dec 9, 2022

In this blog, learn how Bishop Fox discovered vulnerabilities in Kosovo's Avicena Medical Laboratory revealing patients' COVID-19 records.

By Dardan Prebreza

Technical Research

The State of Vulnerabilities in 2022

Oct 19, 2022

Is your organization concerned with security vulnerabilities? Read on as we examine publicly disclosed reports to understand the most frequent vulnerability types, the highest-disclosed bounties, and more.

By Carlos Yanez

Technical Research

(In)Secure by Design

Sep 22, 2022

Learn how your organization can improve application security by applying secure design patterns, avoiding anti-patterns, and adding security architecture analysis.

By Chris Bush, Shanni Prutchi

Technical Research

Introducing: CloudFox

Sep 13, 2022

Introducing CloudFox, a command line tool created to help offensive security professionals find exploitable attack paths in cloud infrastructure.

By Seth Art, Carlos Vendramini

Technical Research

Solving the Unredacter Challenge

Sep 8, 2022

We asked you to take our Unredacter Challenge, in which we asked you to get creative and devise a way to solve our blurred secret message! Watch as Shawn A., one of our Unredacter Challenge winners, showcases his solution.

By Shawn Asmus

Technical Research

You're (Still) Doing IoT RNG

Aug 24, 2022

In this blog, we follow up on the systemic problem of insecure use of random number generators (RNGs) in the Internet of Things (IoT) industry.

By Dan Petro

Technical Research

An Introduction to Bluetooth Security

Jun 27, 2022

Check out our latest blog to learn about Bluetooth Low Energy (BLE) - the BLE stack, how to pen test against it, and why you should get familiar with this technology.

By Saul Arias Mendez

Technical Research

Using CloudTrail to Pivot to AWS Accounts

Jun 7, 2022

In this blog, we look at how we can utilize the AWS CloudTrail service to discover other AWS accounts that we could pivot to.

By Gerben Kleijn

Technical Research

ripgen: Taking the Guesswork Out of Subdomain Discovery

Jun 1, 2022

ripgen is a super-fast subdomain permutation discovery tool that helps map the full scope of an attack surface. Learn how our Cosmos team uses ripgen to uncover unknown subdomain findings in our clients' environments.

By Justin Rhinehart, Joe Sechman

Technical Research

Call of DeFi: The Battleground of Blockchain

May 24, 2022

Last year, decentralized finance (DeFi) grew tremendously, not only in usage, but also in cybersecurity attacks. To understand the risks of these new blockchain technologies and use cases, we analyzed the main hacks that occurred in 2021.

By Dylan Dubief
