Write-ups

• Write-ups
  • New Attack Surface Management Editions
    • New products and new solutions
    • What about current subscriptions?
    • Any question?
  • Roundcube CVE-2020-12641
    • The exploit
    • Getting a list of Roundcube URLs
    • Detecting open installer instances
    • Working out the Roundcube version
    • Who is vulnerable?
    • Conclusion
  • Count of vulnerable Joomla! to CVE-2023-23752
    • On testing the vulnerability
    • Counting the number of vulnerable instances
    • How many are also exposing publicly a database?
    • Conclusion
  • Diving into Zimbra CVE-2022-27925 vulnerability and version detection
    • A critical vulnerability with public exploits
    • Two methods to perform an innocuous and reliable check
    • Remote version detection
    • Binding it all together
    • Exposed Zimbra assets vs exposed & vulnerable assets
    • Conclusion
  • Major changes for historical queries and roadmap 2023
    • A new license is born
    • Major historical queries changes
    • Roadmap 2023
  • Our 10 Commandments for Ethical Internet Scanning
    • Our 10 Commandments for Ethical Internet Scanning
  • Why we won't scan /0 for log4shell issue
    • On blind HTTP scanning with billions of requests
    • Large scale vulnerability scanning considerations
    • What we could do regarding that issue
    • ONYPHE dorks
  • ONYPHE vs Shodan
    • ONYPHE capabilities
    • Free View vs Butterfly View vs Enterprise Views
    • Databases
    • Exposed ports
    • Conclusion