
Hack Responsibly
Browse Hack Responsibly, a technical blog by The NetSPI Agents. Dive deep into the latest CVEs and vulnerabilities our team uncovers, and how we help NetSPI customers protect against the most important threats today.
Our Favorite Picks

15 Ways to Bypass the PowerShell Execution Policy
NetSPI security expert Scott Sutherland covers 15 ways to bypass the PowerShell execution policy without having local administrator rights on the system.

Four Ways to Bypass Android SSL Verification and Certificate Pinning
Explore four techniques to bypass SSL certificate checks on Android in our Four Ways to Bypass Android SSL Verification and Certificate Pinning blog.

CVE-2024-21378 — Remote Code Execution in Microsoft Outlook
Learn how NetSPI discovered that Microsoft Outlook was vulnerable to authenticated remote code execution (RCE) via synced form objects.

Detecting Authorization Flaws in Java Spring via Source Code Review (SCR)
Discover how secure code review catches privilege escalation vulnerabilities in Java Spring apps that pentests miss – identify insecure patterns early.

Set Sail: Remote Code Execution in SailPoint IQService via Default Encryption Key
NetSPI discovered a remote code execution vulnerability in SailPoint IQService using default encryption keys. Exploit details, discovery methods, and remediation guidance included.

Extracting Sensitive Information from Azure Load Testing
Learn how Azure Load Testing’s JMeter JMX and Locust support enables code execution, metadata queries, reverse shells, and Key Vault secret extraction vulnerabilities.

CVE-2025-26685 – Spoofing to Elevate Privileges with Microsoft Defender for Identity
Discover how NetSPI uncovered and reported a vulnerability in Microsoft Defender for Identity that allowed unauthenticated attackers to perform spoofing and elevate privileges.

Pew Pew, Precisely: The Physics and Practices Behind RayV Lite
We began with a simple question: could laser fault injection be democratized? Our answer is a resounding yes. With back-of-the-envelope physics, modest optics, and basic spare parts, we created a replicable, low-cost method for laser-based hardware attacks.

CVE-2025-23009 & CVE-2025-23010: Elevating Privileges with SonicWall NetExtender
NetSPI discovered multiple arbitrary SYSTEM file delete vulnerabilities in SonicWall NetExtender for Windows. Learn how NetSPI discovered and leveraged these for local privilege escalation.

Getting Shells at Terminal Velocity with Wopper
This article introduces Wopper – a new NetSPI tool that creates self-deleting PHP files and automates code execution on WordPress using administrator credentials.

CVE-2025-21299 and CVE-2025-29809: Unguarding Microsoft Credential Guard
Learn more about the January 2025 Patch Tuesday that addresses a critical vulnerability where Kerberos canonicalization flaws allow attackers to bypass Virtualization Based Security and extract protected TGTs from Windows systems.

CVE-2025-27590 – Oxidized Web: Local File Overwrite to Remote Code Execution
Learn about a critical security vulnerability (CVE-2025-27590) in Oxidized Web v0.14 that allows attackers to overwrite local files and execute remote code execution.

A Not So Comprehensive Guide to Securing Your Salesforce Organization
Explore key background knowledge on authorization issues and common bad practices developers may unintentionally introduce in Salesforce Orgs.

The Things We Think and Do Not Say: The Future of Our Beacon Object Files (BOFs)
Learn about a reference design for a new Beacon Object Files portable executable concept and helpful features.

CVE-2024-28989: Weak Encryption Key Management in Solar Winds Web Help Desk
Learn how an attacker with access to a backup file could potentially recover certain encrypted passwords.