Sprocket Security's Director of Technical Operations reveals how Domain Admin access was gained through overlooked misconfigurations and intricate attack paths, with both insight and humor.
Resources
Blog
Testing Lab
Keep up to date with the latest offensive security news, knowledge, and resources.
Sprocket Security Senior Penetration Tester examines how transliteration and language backgrounds shape password creation, adding complexity for both users and attackers in his 2025 CypherCon talk.
Explore common pitfalls in Java and C# reflection practices—understand how insecure use of reflection can expose applications to vulnerabilities like code injection, unauthorized access, and bypassed security controls, and learn key strategies to harden your code.
Explore how Sprocket Security uncovered chained vulnerabilities and learn how overlooked parameters led to serious security risks.
What being a hacker really means—no title required. After a decade in offensive security, Nate Fair shares honest lessons on hacking.
Explore a security expert's take on validating the Next.js CVE-2025-29927 exploit, its impact, and techniques for assessing and mitigating the risk.
