Exploiting the Synology TC500
Covers a format-string exploit developed for a smart camera, enabling RCE in a LAN microservice, though it wasn’t deployed.
Web | https://kriware.com/ |
Qualcomm DSP Kernel Internals
Explains core architecture and components of Qualcomm’s FastRPC-based DSP kernel driver.
Attacking GenAI applications and LLMs
LLM prompt attacks leak data, abuse tools
Doublespeak Chat LLM Escape Game
Web-based text adventure challenges users to jailbreak LLM prompts across levels, showing prompt injection risks and evaluating countermeasures.
Implementing Channel Binding in mssqlclient.py
Walkthrough adding Channel Binding support to Impacket's mssqlclient.py, detailing CBT basics, implementation hurdles, and testing against NTLM relay.
https://sensepost.com/blog/2025/a-journey-implementing-channel-binding-on-mssqlclient.py/
Let Me Cook You a Vulnerability: Exploiting the Thermomix TM5
Firmware downgrade exploit enables persistent code on Thermomix TM5
Hands-On OT Cyber Range
Interactive OT/ICS lab delivers real environments for hands-on training, pentesting, IDS tuning, and SIEM validation, deployable in minutes.
PiCCANTE – Vehicle CAN‑Bus Tool on Raspberry Pi Pico
A toolkit enabling exploration and manipulation of vehicle CAN bus networks via a Raspberry Pi Pico platform, offering multiple CAN interfaces, USB/SLCAN support, Wi‑Fi, web UI, Bluetooth, MITM and logging.
remoteKrbRelayx – Kerberos Auth Relay via DCOM/RPC
A Python tool enabling coercion and relaying of Kerberos authentication over DCOM and RPC, using remote coercion and RPC-based relay techniques to target Active Directory environments.
RAITrigger – Local SYSTEM Authentication Trigger for Relaying
A low‑privileged domain user can call the RPC function RAiForceElevationPromptForCOM in appinfo.dll to trigger SYSTEM‑level authentication to an arbitrary UNC path, enabling NTLM relay or ADCS attacks in domain environments.