Our security research and proof-of-concept development work has been featured in leading industry publications, technical blogs, and security news outlets. This recognition reflects our commitment to advancing the security industry through technical expertise and in-depth vulnerability analysis.
Our team developed a proof-of-concept exploit for this critical vulnerability in Erlang/OTP's SSH implementation, demonstrating its impact and helping drive rapid patching across the industry.
Impact
After the initial disclosure of this vulnerability in Erlang/OTP, our team developed a comprehensive proof-of-concept exploit that demonstrated its real-world impact. This PoC was widely referenced in security advisories and industry publications, helping organizations understand the severity of the issue and prioritize patching. Our technical analysis contributed to the broader security community's understanding of the vulnerability, which affected thousands of systems running Erlang-based applications.
Hawk is our lightweight Golang tool that intercepts SSH, su, and sudo credentials on Linux in real time via ptrace—without modifying target processes. Our blog post "Hawk's Prey: Snatching SSH Credentials" and the tool have been cited by industry research on vulnerability scanner risks and Linux EDR blind spots.
Impact
Praetorian cited our Hawk tool and companion blog post in their research on how vulnerability scanners using password-based authentication can become credential-theft targets. Their article highlights ptrace-based credential interception techniques and notes that Linux EDR often fails to detect such methods. That underscores the relevance of tools like Hawk for both red team operations and defensive awareness.