Search the Pentest-Tools.com Blog

A comprehensive deep dive into React2Shell (CVE-2025-55182)

React2Shell (CVE-2025-55182) is a CVSS 10.0, pre-auth remote code execution flaw in the React Server Components Flight protocol. This deep dive maps affected React and Next.js versions, explains the deterministic exploit chain, summarizes in-the-wild abuse, and lays out detection, mitigation, and validation steps you can apply in real environments.

How we built an exploit for SessionReaper, CVE-2025-54236 in Magento 2 & Adobe Commerce

Here's how we weaponized SessionReaper (CVE-2025-54236) against Magento 2, chaining ServiceInputProcessor quirks and a session proxy setter to forge customer sessions and hijack accounts. Our lab-tested PoC exposes attack surface, a possible preauth RCE, and an automated exploit - a practical walkthrough for researchers who like coffee strong and bugs reliable.

How web cache poisoning works and how to exploit it

Elevate your next pentest by exploiting web cache poisoning. This deep dive uncovers the RFC nuances, common misconfigurations, and unkeyed request components that transform low-severity injections into critical, widespread compromises. Learn practical detection, exploitation (with PoCs!), and advanced mitigation techniques to weaponize your findings.

What the experts say: Machine learning in offensive security

In this third installment, we stop talking and start listening. We asked seasoned offensive security professionals how they actually use machine learning in the field. Their verdict? ML works, when it’s focused. From spotting phishing entry points to flagging suspicious authentication patterns, the value is real. But it’s not magic. Used blindly, it adds noise. Used wisely, it accelerates analysts.

When severity scores mislead - the case against single-metric risk models

Are you still chasing high CVSS scores? Learn how multi-dimensional risk models reveal what attackers really target.

Beyond the hype: how we built a machine-learning classifier (and refused to call It AI)

How we cut web fuzzing FPs by 50% using Machine Learning

Beyond passive and active - a modern approach to network reconnaissance

This isn't your textbook recon. We're dissecting how modern network analysis blurs 'passive' and 'active,' offering a clearer path to target vulnerabilities.

Next.js security alert - how to attack and fix CVE-2025-29927

A single header bypass can compromise your entire Next.js application. Are you at risk? Find out how to fix CVE-2025-29927.

How to extract TLS secrets from Android apps using Frida and Wireshark

Break Android's TLS fortress! Frida & Wireshark reveal hidden app secrets. Bypass SSL pinning, expose API calls, and master traffic decryption now.

Buffer Overflows and Authentication Bypasses - exploiting CVE-2025-0282 and CVE-2024-55591

A critical Ivanti flaw lets attackers bypass defenses faster than you can patch. But that's not all. A silent vulnerability lurks in Fortinet, too.

Unpacking LDAPNightmare (CVE-2024-49113 and CVE-2024-49112)

Uncover the secrets of LDAPNightmare - crash domain controllers, exploit AD weaknesses, and sharpen your pentesting skills