Joined September 2016
- Tweets 85
- Following 92
- Followers 1,989
- Likes 49
9 Photos and videos
Pinned Tweet
May 28
🔓 On an asset under our continuous monitoring, our pentester @nol_tech turned a SELECT-only PostgreSQL SQLi in Drupal (CVE-2026-9082) into a full RCE when DB role is superuser. Details below 👇
📝 blog.lexfo.fr/drupal-postgre…
🛠️ github.com/ambionics/cve-202…
#Drupal #PostgreSQL #RCE #SQLi
2
20
66
8,548
Ambionics Security retweeted
Apr 16
Congratulations to our pentester @nol_tech on placing 2nd in the Web Senior category at the #FCSC2026 qualifications, with a score of 3,616 points.
This kind of result speaks for itself. Best of luck for the next rounds! 🍀
#CTF #Cybersecurity
4
11
645
Apr 10
🚨 Critical File Upload to RCE in @NinjaForms File Uploads @WordPress plugin (CVE-2026-0740)!
Deep dive & PoC:
👉blog.lexfo.fr/ninja-forms-up…
🔍By @whattheslime from @Ambionics CTEM solution
🛡️Patch available (v3.3.27) — Update now!
#WordPress #RCE #InfoSec #CyberSecurity #CVE
2
26
66
6,444
Ambionics Security retweeted
27 Oct 2025
🔔 New research from Lexfo on pre- & post-authentication vulnerabilities in WSO2 products — uncovering bypasses, RCE, SSRF, CSRF, and account-takeover risks. See our detail article → blog.lexfo.fr/wso2.html
#cybersecurity #infosec #offensivesecurity #pentest #WSO2
15
62
6,416
8 Jul 2025
🚀 Huge thanks to @cfreal_ for the threading PR.
Lightyear is now faster than ever! We truly appreciate continued contributions.
If you haven’t yet, give lightyear a try and see the difference yourself!
#opensource #lightyear #performance #php #pentest #infosec #cybersecurity
23 Jun 2025
lightyear just got 6 times faster!
Although I now work at @Synacktiv, I proposed a PR for the tool to support threading and compression, greatly reducing the time required to dump a file.
Dumping the demo /etc/passwd now takes 48s instead of 5m30.
github.com/ambionics/lightye…
2
10
1,181
18 Mar 2025
GLPI, an open-source IT service management software suite, has released version 10.0.18, addressing two critical vulnerabilities found by our experts : an SQL injection (CVE-2025-24799) and a remote code execution (CVE-2025-24801). Checkout our blog post: blog.lexfo.fr/glpi-sql-to-rc….
2
22
79
7,604
18 Mar 2025
The discovered chain contains interesting new vectors : Pre-authentication SQLi on the Inventory native feature ->Authentication bypass by fetching api_token or personal_token -> Either plugin command injection through the Marketplace or a new LFI vector via PDF exports->RCE.
1
4
607
12 Mar 2025
New #PHP research by @ptswarm ! Using our tools wrapwrap (github.com/ambionics/wrapwra…) and our latest one lightyear (github.com/ambionics/lightye…) developed by @cfreal_ ! #php #xxe #infosec #CyberSecurity
🔥 The "impossible" XXE in PHP? Not so impossible anymore.
Our researcher Aleksandr Zhurnakov discovered an interesting combination of PHP wrappers and a feature of XML parsing in libxml2 to exploit it.
Read: swarm.ptsecurity.com/impossi…
5
13
1,806
4 Nov 2024
We're proud to announce LIGHTYEAR, a tool that let you dump files, blind, in PHP, based on a new algorithm.
ambionics.io/blog/lightyear-…
90
245
28,572
21 Oct 2024
Kudos to @cfreal_ for his talk @defcon a few weeks ago !
You can watch it now on Youtube !
youtube.com/watch?v=11Yv2Ru7…
1
9
612
30 Sep 2024
At long last: Iconv, set the charset to RCE (part 3): in this final part of the iconv series, @cfreal_ demonstrates how you can use CVE-2024-2961 to convert BLIND file reads to RCE. ambionics.io/blog/iconv-cve-…
1
53
144
44,780
17 Jun 2024
Iconv, set the charset to RCE (part 2): @cfreal_ exploits direct iconv() calls to hack the PHP engine, and its most popular webmail, @Roundcube (CVE-2024-2961). ambionics.io/blog/iconv-cve-…
65
165
25,980
5 Jun 2024
Scalpel is here: this @Burp_Suite extension lets you edit your requests, in Python 3, in the repeater or on-the-fly. ambionics.io/blog/scalpel
1
15
50
9,698
5 Jun 2024
đź“· Modify the entire traffic with Scalpel. Implement custom logic to manipulate requests globally using the request function:
1
340
5 Jun 2024
đź“· Learn more and contribute: Scalpel is in Alpha and your feedback is valuable. Check the docs and join us on GitHub!
github.com/ambionics/scalpel
1
288
27 May 2024
Iconv, set the charset to RCE: in the first blog post of this series, @cfreal_ will show a new exploitation vector to get RCE in PHP from a file read primitive, using a bug in iconv() (CVE-2024-2961) ambionics.io/blog/iconv-cve-…
3
121
299
54,402
23 Apr 2024
PHPGGC just reached 3000 stars on @github !
In 7 years, it went from a handful of gadget chains to more than 140, with more than 50 contributors.
github.com/ambionics/phpggc
Thank You !
4
22
2,202