UNC1739
Offensive security research. Web exploitation. Red team tradecraft.
// featured research
Qlik Sense Vulnerability Chain (ZeroQlik / DoubleQlik)
HTTP request tunneling and path traversal vulnerabilities enabling unauthenticated remote code execution. Exploited by Cactus ransomware and Magnet Goblin. Added to CISA KEV catalog.
// recent posts
Et Tu, Default Creds? Introducing Brutus for Modern Credential Testing
Introducing Brutus, a multi-protocol credential testing tool for penetration testers and red teams. Covers default credential validation, SSH bad key testing, and pipeline integration with modern reconnaissance workflows.
Beyond the Last Mile: How Internet Routing Shapes Red Team Ops
How Internet routing, peering relationships, and transit providers affect red team operations. Observations from tunneling traffic through web conferencing infrastructure.
Analyzing a Modern Linux Kernel Vulnerability (CVE-2023-0266)
Deep dive into a use-after-free vulnerability in the Linux kernel sound subsystem exploited in the wild against Android devices.