New from Ponemon Institute: The State of Offensive Security in 2023. Read the Report ›
Our Labs team is dedicated to finding creative solutions to difficult security problems and then sharing that information freely.
We believe the only way to advance the state of security is to collaborate with the broader community, and we do our best to contribute tools, research, and knowledge that can improve the security and privacy of data and systems. We hope our work has real impact on real lives. It's what inspires us every day.
We've invested in research from the very beginning because we believe everyone deserves to be secure online. This mission drives us to do better every day, to never stop learning, and to always be innovating. We use every tool in the box, and when we need something better, we build a new tool... and then add it to the toolbox so everyone benefits.
Our dedicated R&D team works with experts across our consulting and engineering organizations to develop new research, create novel security tools, and publish technical articles. In fact, we are proud to be the innovators and authors behind some of the most popular tools and most important findings in the offensive security space.
asminject.py is a code injection tool that compromises Linux-trusted processes and containers.
CloudFox is a command line tool created to help penetration testers and other offensive security professionals find exploitable attack paths in cloud infrastructure. It currently supports AWS.
Unredacter focuses on pixelation – and will show you why it’s a no-good, bad, insecure, surefire way to get your sensitive data leaked. The tool takes redacted, pixelized text and reverses it back into its unredacted form.
asminject.py: Compromise Trusted Linux Processes and Containers
This step-by-step technical guide highlights the capabilities of asminject.py, a code injection tool used to compromise Linux processes and containers.
Nov 21, 2022
Log HTTP Requests, Version 1.3.1, Advisory
By Etan Castro Aldrete
Oct 24, 2022
Atlassian Jira Align, Version 10.107.4 Advisory
By Jake Shafer
Sep 22, 2022
(In)Secure by Design
By Chris Bush, Shanni Prutchi
Sep 13, 2022
By Seth Art, Carlos Vendramini
Sep 08, 2022
Solving the Unredacter Challenge
By Shawn Asmus