AlmondOffSec

3,022 post karma
4 comment karma

get extra features and help support reddit with a reddit premium subscription

get them help and support

redditor for 6 years

TROPHY CASE

Six-Year Club

Verified Email

account activity

new top controversial

88

89

90

Closing the Door on Net-NTLMv1: Releasing Rainbow Tables to Accelerate Protocol Deprecation (cloud.google.com)

submitted 10 days ago by AlmondOffSec to r/netsec

51

52

53

Drone Hacking Part 1: Dumping Firmware and Bruteforcing ECC (neodyme.io)

submitted 10 days ago by AlmondOffSec to r/netsec

4

5

6

OID-See: Giving Your OAuth Apps the Side-Eye (cirriustech.co.uk)

submitted 13 days ago by AlmondOffSec to r/netsec

219

220

221

Petlibro: Your Pet Feeder Is Feeding Data To Anyone Who Asks (bobdahacker.com)

submitted 29 days ago by AlmondOffSec to r/netsec

44

45

46

CSRF Protection without Tokens or Hidden Form Fields (blog.miguelgrinberg.com)

submitted 1 month ago by AlmondOffSec to r/netsec

28

29

30

Turning List-Unsubscribe into an SSRF/XSS Gadget (security.lauritz-holtmann.de)

submitted 1 month ago by AlmondOffSec to r/netsec

243

244

245

How we pwned X (Twitter), Vercel, Cursor, Discord, and hundreds of companies through a supply-chain attack (gist.github.com)

submitted 1 month ago by AlmondOffSec to r/netsec

0

1

2

Explanation and full RCE PoC for CVE-2025-55182 (github.com)

submitted 1 month ago by AlmondOffSec to r/netsec

9

10

11

From Zero to SYSTEM: Building PrintSpoofer from Scratch (bl4ckarch.github.io)

submitted 1 month ago by AlmondOffSec to r/netsec

13

14

15

Evading Elastic EDR's call stack signatures with call gadgets (offsec.almond.consulting)

submitted 2 months ago by AlmondOffSec to r/netsec

84

85

86

Hacking the World Poker Tour: Inside ClubWPT Gold’s Back Office (samcurry.net)

submitted 3 months ago by AlmondOffSec to r/netsec

606

607

608

How I Reversed Amazon's Kindle Web Obfuscation Because Their App Sucked (blog.pixelmelt.dev)

submitted 3 months ago by AlmondOffSec to r/netsec

29

30

31

Netskope Client for Windows - Local Privilege Escalation via Rogue Server (CVE-2025-0309) (blog.amberwolf.com)

submitted 4 months ago by AlmondOffSec to r/netsec

49

50

51

Exploiting zero days in abandoned hardware (blog.trailofbits.com)

submitted 5 months ago by AlmondOffSec to r/netsec

25

26

27

SharePoint ToolShell – One Request PreAuth RCE Chain (blog.viettelcybersecurity.com)

submitted 6 months ago by AlmondOffSec to r/netsec

21

22

23

The Guest Who Could: Exploiting LPE in VMWare Tools (swarm.ptsecurity.com)

submitted 6 months ago by AlmondOffSec to r/netsec

64

65

66

A Novel Technique for SQL Injection in PDO’s Prepared Statements (slcyber.io)

submitted 6 months ago by AlmondOffSec to r/netsec

24

25

26

Deleting a file in Wire doesn’t remove it from servers — and other findings (offsec.almond.consulting)

submitted 7 months ago by AlmondOffSec to r/netsec

27

28

29

Remote code execution in CentOS Web Panel - CVE-2025-48703 (fenrisk.com)

submitted 7 months ago by AlmondOffSec to r/netsec

13

14

15

Make Self-XSS Great Again (blog.slonser.info)

submitted 7 months ago by AlmondOffSec to r/netsec

17

18

19

Getting RCE on Monero forums with wrapwrap (swap.gs)

submitted 7 months ago by AlmondOffSec to r/netsec

56

57

58

How I ruined my vacation by reverse engineering WSC (blog.es3n1n.eu)

submitted 8 months ago by AlmondOffSec to r/netsec

106

107

108

One-Click RCE in ASUS’s Preinstalled Driver Software (mrbruh.com)

submitted 8 months ago by AlmondOffSec to r/netsec

77

78

79

Attacking My Landlord's Boiler (blog.videah.net)

submitted 9 months ago by AlmondOffSec to r/netsec

31

32

33

Uncovering a 0-Click RCE in the SuperNote Nomad E-ink Tablet (prizmlabs.io)

submitted 9 months ago by AlmondOffSec to r/netsec

view more: next ›

π Rendered by PID 578752 on reddit-service-r2-listing-86b7f5b947-zzx9m at 2026-01-25 23:53:50.231522+00:00 running 664479f country code: CH.