Luke Jahnke

🧵My latest blog post is live 🔥 Read it to learn what SafeMarshal is and *two* very different ways to escape and get RCE! nastystereo.com/security/ruby-…

lightyear just got 6 times faster! Although I now work at @Synacktiv, I proposed a PR for the tool to support threading and compression, greatly reducing the time required to dump a file. Dumping the demo /etc/passwd now takes 48s instead of 5m30. github.com/ambionics/ligh…

DownUnderCTF 6 Challenges & Solutions: github.com/DownUnderCTF/C…

Get ready! Exciting prizes await the top student teams in a variety of categories!🏆But that’s not all! We're also handing out special awards for the sharpest write-ups and the most hilarious, high-quality memes. 😎Open to creative minds worldwide!🌐Spot prizes available too!🎉

@PentesterLab 's Code Review badge contains 18 bugs inside real projects (107 labs total). No recycled CVEs... I found & disclosed each one. Because AppSec isn’t 100-line snippets or RCE treasure hunts; it’s spotting the "boring" flaws that makes application less secure!

Whenever I audit C# code, I look for benign file operations such as File.Exists(), especially if there's a preceding Path.Combine(). Read about how we leaked NTLM hashes pre-authentication in DotNetNuke (CVE-2025-52488) due to a perfect storm of issues. slcyber.io/assetnote-secu…

I wrote two challenges for this year's Google CTF. One of them is Circo - A challenge inspired by EntrySign (the AMD ucode vuln) and the other is Sphinx (a diff crypto task). I wrote the tasks with a few goals in mind that I wanted to share, but this thread is about Circo. 1/🧵

I published blogs detailing two vulnerabilities I recently discovered in Sudo. Update to 1.9.17p1. CVE-2025-32462 - Sudo Host option Elevation of Privilege Vulnerability stratascale.com/vulnerability-… CVE-2025-32463 - Sudo chroot Elevation of Privilege Vulnerability…

Paged Out! #6 — now in print Two editions: 🟢 Regular 💎 Sponsor Edition — full-back badge in Gold, Platinum or Diamond Same content. Different legacy. 👉 lulu.com/spotlight/page… #PagedOut #printondemand #opensource #techzine

PentesterLab has the largest collection of hands-on JWT labs. We cover algorithm confusion, jku, kid, x5u and so much more. We also research new attack techniques and review JWT-related CVEs. Here is a great one we came across today...

Check out how I discover CVE-2025-33073 : RCE with NTLM reflectiv attack allowing authenticated user to compromise any machine without SMB signing enforced !

I was working on our latest lab for CVE-2025-25291, a vulnerability in Ruby-SAML. As a Ruby and SAML nerd 🤓, what’s not to love about this bug… An exploit for the issue was published as a nuclei template, so I grabbed it (after a few tweaks for my IDP|SP) and started playing!

soundcloud.com/ytcracker/ytcr…

Slides are at 0day.click/parser-diff-ta…

I’m very honored and grateful to have made it to Phrack! 😎🙏🏻

If you're in Melbourne and are into AppSec, this event looks alright: meetup.com/appsec-austral…

I built this training for pentesters and AppSec engineers who want to get better at finding vulnerabilities by reading code. It’s based on years of hands-on code reviews and real CVE analysis. If you’re looking to level up, check it out: pentesterlab.com/live-training

We’re hiring Vulnerability Researchers at @infosectcbr that specialise in Linux, OS kernels, Android, and embedded/IoT. With a world class hardware lab, come join our friendly and collaborative team, focusing on research against leading technologies. DM for details.

One of the best ways to scale AppSec? Give developers secure defaults. I just updated a blog post on what developers already get “for free” — and what they still don’t. Quick 🧵 on the highlights: