Red Teaming. Security Research. Continuous Penetration Testing. Threat Intelligence.

Joined July 2014
Highly recommend the writeup from our @flomb_ and congrats on this well-deserved achievement!
Incredibly excited to share that my research 'Playing with HTTP/2 CONNECT' made the final @PortSwigger Top 10 Web Hacking Techniques of 2025! A huge thank you to everyone who voted. It’s a privilege to be featured alongside such talented researchers. portswigger.net/research/top…
Our 2024 applicants challenge is officially #roasted: the full BeanBeat × Maultaschenfabrikle walkthrough is now online. Unwrap the write-up at apply-if-you-can.com/walkthr… and revisit the hacks that escalated from cold brew to full breach.
CODE WHITE GmbH retweeted
15 Nov 2025
Just sayin‘ 🤷
CODE WHITE proudly presents #ULMageddon which is our newest applicants challenge at apply-if-you-can.com/ packaged as a metal festival. Have fun 🤘 and #applyIfYouCan
Ten days left. The warm-up fades. Maultaschen were soft. Bean Beats were dark and burnt. But the beats of #ULMageddon will be brutal! #applyIfYouCan
We always love a good challenge. That’s why we’re sponsoring the 10th FAUST CTF. Game on at 2025.faustctf.net/

We've added a new demo to NewRemotingTricks that makes deploying a MarshalByRefObject (e.g., WebClient) even easier: System.Lazy<T> creates an instance of T on serialization, which is probably more likely to be allowed than a XAML gadget getting through. github.com/codewhitesec/NewR…
We have reproduced "ToolShell", the unauthenticated exploit chain for CVE-2025-49706 CVE-2025-49704 used by @_l0gg to pop SharePoint at #Pwn2Own Berlin 2025, it's really just one request! Kudos to @mwulftange
To clarify: we did not discover these bugs - all credit goes to @_l0gg. We diffed the patches, quickly built a working exploit internally (and identified another auth bypass afterwards)
Yes, we're beating a dead horse. But that horse still runs in corporate networks - and quietly gives attackers the keys to the kingdom. We're publishing what’s long been exploitable. Time to talk about it. #DSM #Ivanti code-white.com/blog/ivanti-d…
CODE WHITE GmbH retweeted
2 Apr 2025
At @codewhitesec we have a red team style hacking challenge each year which is also a great way to practice/test/improve your skills ;)
Our crew members @mwulftange & @frycos discovered & responsibly disclosed several new RCE gadgets that bypass #Veeam's blacklist for CVE-2024-40711 & CVE-2025-23120 as well as further entry points following @SinSinology & @chudyPB's blog. Don’t blacklist, replace BinaryFormatter.
Ever wondered how Kurts Maultaschenfabrikle got hacked in 2023? The full story, all technical details, out now ;-) apply-if-you-can.com/walkthr…
Using Telerik Reporting or Report Server? Patch now to fix 3 RCEs @mwulftange found (CVE-2024-8015, CVE-2024-8014, CVE-2024-8048). Telerik vulns have a history of being exploited by threat actors according to @CISACyber Details at code-white.com/public-vulner…
BeanBeat has been acquired by Kurts Maultaschenfabrikle! You don't know what that means? Head over to apply-if-you-can.com to find out in challenges that, without exception, stem from real-world vulns #uncompromisingRealism #finestHacking
Think your #kubernetes or #kubelet API is secured with auth? Think again if you expose #tekton for which our crewmember @flomb_ has a nice writeup regarding RCE & proxy risks.
Published my write-up regarding two vulnerabilities in the Tekton Dashboard. blog.flomb.net/posts/tekton/
Better patch your Veeam Backup & Replication servers! Full system takeover via CVE-2024-40711, discovered by our very own @frycos - no technical details from us this time because this might instantly be abused by ransomware gangs code-white.com/public-vulner…