https://blog.xpnsec.com/ https://blog.xpnsec.com/images/profile-image.jpg https://blog.xpnsec.com/ Sat, 09 May 2026 21:23:58 GMT https://blog.xpnsec.com/ 60 https://blog.xpnsec.com/accidental-c2/ Sat, 09 May 2026 19:19:16 GMT Dev Tunnels aren’t “just port forwarding”. They consist of layers of embedded protocols with RPC messages being exchanged. Once you peel the layers, you quickly see how Dev Tunnels are a C2 framework with extra steps. llm redteam vscode c2 https://blog.xpnsec.com/An-Evening-with-Claude-Code/ Sat, 29 Nov 2025 19:19:16 GMT A deep dive into discovering CVE-2025-64755, a vulnerability in Claude Code v2.0.25. This post walks through the process of reversing the obfuscated Claude Code JavaScript, and exploiting weak regex expressions to achieve code execution unprompted. claude llm mcp vulnerability cve https://blog.xpnsec.com/administrator-protection/ Fri, 20 Jun 2025 23:01:46 GMT Microsoft will be introducing Administrator Protection into Windows 11, so I wanted to have an understanding of how this technology works and how it interacts with existing offensive tooling. While this technology is just a thin wrapper around a separate account, there are a few nuances such as who is permitted to access these accounts, as well as existing UAC bypasses which are still effective against the new "backdoorless" Administrator Protection. This post explores these nuances in detail. redteam windows reversing https://blog.xpnsec.com/tokenization-confusion/ Wed, 04 Jun 2025 23:01:46 GMT In this post we look at the new Prompt Guard 2 model from Meta, and introduce a concept I've been calling "Tokenization Confusion" which aims to confuse Unigram tokenization into generating tokens which will result in the misclassification of malicious prompts. We'll also look at why building up our ML knowledge will lead to better findings when assessing LLM API’s, as I discovered during a flight across the Atlantic. llm machine-learning https://blog.xpnsec.com/the-sql-server-crypto-detour/ Wed, 16 Apr 2025 23:01:46 GMT One of the things that I love about my role at SpecterOps is getting to dig into various technologies and seeing the resulting research being used in real-time. This post will explore one such story of how I was able to go from a simple request of recovering credentials from a database backup, to reverse engineering how SQL Server encryption works, finding some new methods of brute-forcing database encryption keys.. and finally identifying a mistake in ManageEngine’s ADSelfService product which allows encrypted database backups to reveal privileged credentials. redteam sqlserver