Ambionics Security (@ambionics)'s Twitter Profile
Ambionics Security

@ambionics

A @LexfoSecurite service.
Ambionics is combining the best of human intelligence and technology to continuously assess the security of your applications.

ID: 781627575135248384

https://www.ambionics.io

29-09-2016 22:51:50

80 Tweet

1,1K Followers

92 Following


Learn about the two @Owncloud vulnerabilities CVE-2023-49103 and CVE-2023-49105 in our new blogpost: ambionics.io/blog/owncloud-…


Introducing a new tool for #PHP filters attacks, #wrapwrap: an algorithm to add an arbitrary prefix and suffix to a PHP resource, improving the exploitation of file read and #SSRF vulnerabilities. ambionics.io/blog/wrapwrap-…


PHPGGC just reached 3000 stars on GitHub ! In 7 years, it went from a handful of gadget chains to more than 140, with more than 50 contributors. github.com/ambionics/phpg… Thank You !


Iconv, set the charset to RCE: in the first blog post of this series, Charles Fol will show a new exploitation vector to get RCE in PHP from a file read primitive, using a bug in iconv() (CVE-2024-2961) ambionics.io/blog/iconv-cve…


Iconv, set the charset to RCE (part 2): Charles Fol exploits direct iconv() calls to hack the PHP engine, and its most popular webmail, @Roundcube (CVE-2024-2961). ambionics.io/blog/iconv-cve…


In August, Charles Fol will be at DEF CON to talk about CVE-2024-2961. Don't miss Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine ! #DEFCON32


At long last: Iconv, set the charset to RCE (part 3): in this final part of the iconv series, Charles Fol demonstrates how you can use CVE-2024-2961 to convert BLIND file reads to RCE. ambionics.io/blog/iconv-cve…


We're proud to announce LIGHTYEAR, a tool that lets you dump files, blind, in PHP, based on a new algorithm. ambionics.io/blog/lightyear…


New #PHP research by PT SWARM ! Using our tools wrapwrap (github.com/ambionics/wrap…) and our latest one lightyear (github.com/ambionics/ligh…) developed by Charles Fol ! #php #xxe #infosec #CyberSecurity


🚀 Huge thanks to Charles Fol for the threading PR. Lightyear is now faster than ever! We truly appreciate continued contributions. If you haven’t yet, give lightyear a try and see the difference yourself! #opensource #lightyear #performance #php #pentest #infosec #cybersecurity