   ██████╗  ██████╗  ██████╗ ████████╗███████╗██╗  ██╗███████╗██╗     ██╗     
   ██╔══██╗██╔═══██╗██╔═══██╗╚══██╔══╝██╔════╝██║  ██║██╔════╝██║     ██║     
   ██████╔╝██║   ██║██║   ██║   ██║   ███████╗███████║█████╗  ██║     ██║     
   ██╔══██╗██║   ██║██║   ██║   ██║   ╚════██║██╔══██║██╔══╝  ██║     ██║     
   ██║  ██║╚██████╔╝╚██████╔╝   ██║   ███████║██║  ██║███████╗███████╗███████╗
   ╚═╝  ╚═╝ ╚═════╝  ╚═════╝    ╚═╝   ╚══════╝╚═╝  ╚═╝╚══════╝╚══════╝╚══════╝

Welcome to RootShell

Hardcore cybersecurity deep dives & breaking security news

132

Posts

Studies

News

📚 ~/study - Cyber Deep Dives

68 postsView all →

studyMar 16, 202615 min read

Advanced Blind SSRF Exploitation: Multi-Stage OOB, Rate-Limit Bypass & Automation

Learn how to chain blind SSRF requests for multi-stage out-of-band attacks, defeat rate-limiting controls, and build automated frameworks that scale. Real-world examples, code snippets, and mitigation strategies are covered for security professionals.

ssrfblind-ssrfout-of-bandautomation

studyMar 15, 202615 min read

Mastering CL.TE Desync: Content-Length vs Transfer-Encoding Exploitation

Learn how CL.TE HTTP request smuggling works, craft malicious payloads, detect vulnerable servers, and apply robust mitigations. Includes theory, hands-on labs, tools, and real-world case studies.

http-request-smugglingcl-tecontent-lengthtransfer-encoding

studyMar 15, 202615 min read

Active DNS Enumeration: dig, nslookup, host, fierce & dnsrecon

Learn how to harvest DNS data using dig, nslookup, host, fierce, and dnsrecon. The guide covers record types, scripting, wildcard detection, AXFR attempts, automation with bash/jq, and how to turn raw results into actionable intelligence.

dnsreconnaissancedignslookup

studyMar 14, 202615 min read

Intro to Google Dorking: Mastering Basic Search Operators

Learn how Google’s advanced search operators work, how to craft precise dorks, and how to automate and protect against information leakage using practical examples and scripts.

google-dorkingsearch-operatorsreconnaissanceinformation-leakage

studyMar 12, 202615 min read

Unconstrained Delegation Abuse: Exploiting Mis-configured SPNs

Learn how to locate SPNs with unconstrained delegation, request and forge Kerberos tickets using PowerView and Rubeus, and pivot to high-privilege accounts. Includes detection, mitigation, and hands-on labs.

activedirectorykerberosdelegationprivilegeescalation

studyMar 11, 202615 min read

WebSocket Tunneling for C2: Introductory Study Guide

Learn how WebSocket connections can be abused for command and control, from handshake fundamentals to building a minimal C2 server and evasion techniques. This guide offers practical code, detection tips, and real-world context for security professionals.

websocketc2tunnelingdefense

📡 ~/news - Security News

64 postsView all →

newsMar 16, 20268 min read

Critical HPE AOS-CX Flaw Lets Remote Attackers Reset Admin Passwords

A newly disclosed CVE-2026-23813 in HPE Aruba AOS-CX switches permits unauthenticated remote password resets via the web UI. With a CVSS score of 9.8, the bug threatens full control of enterprise and service-provider networks until patched.

HPEAOS-CXVulnerabilityNetwork Security

newsMar 15, 20268 min read

Ivanti Endpoint Manager Auth Bypass (CVE-2026-1603) Added to CISA KEV

CISA has placed Ivanti Endpoint Manager’s authentication-bypass flaw (CVE-2026-1603) on its Known Exploited Vulnerabilities list, urging agencies to patch within two weeks. The unauthenticated bypass can steal credential data and is already being used in the wild, despite patches being available since early 2021.

IvantiCVE-2026-1603Authentication BypassCISA KEV

newsMar 15, 20268 min read

Critical RCE Flaws Hit Veeam Backup & Replication - Patch Immediately

Three authenticated remote code execution bugs (CVE-2026-21666, CVE-2026-21667, CVE-2026-21708) and two high-severity flaws threaten Veeam Backup & Replication servers. Rapid patching to build 12.3.2.4465 is essential to protect backup data from ransomware and other attacks.

VeeamRCEBackup SecurityPatch Management

newsMar 14, 20268 min read

Google Patches Two Actively Weaponized Chrome Zero-Days (Skia & V8)

Google released emergency updates on March 13 2026 for Chrome zero-days CVE-2026-3909 (Skia) and CVE-2026-3910 (V8), both rated 8.8 CVSS and confirmed exploited in the wild. The patches close a third weaponized Chrome flaw this year.

ChromeZero-DaySecurityVulnerability

newsMar 12, 20268 min read

Zero-Day Alert: CVE-2026-21262 Lets Low-Privileged Users Grab SQL Sysadmin Rights

Microsoft disclosed a critical elevation-of-privilege zero-day in SQL Server 2016-2025 (CVE-2026-21262). An authenticated low-privilege account can pivot to sysadmin, jeopardizing on-prem, cloud, and hybrid deployments. Patches released March 10-11, 2026 - immediate remediation is essential.

SQL ServerZero-DayPrivilege EscalationPatch Tuesday

newsMar 11, 20268 min read

Zero-Click Data Theft: Excel’s Copilot Agent Flaw (CVE-2026-26144)

A critical information-disclosure bug (CVE-2026-26144) lets a malicious Excel file trigger Copilot Agent to exfiltrate data without any user interaction. Microsoft patched it in March 2026; immediate mitigation is to apply the update or disable Copilot.

Microsoft ExcelCopilotCVE-2026-26144Zero-click

☕ Support This Project

❤️ Buy Me a Coffee

Support my open source work on GitHub Sponsors