Resource Center

The OrionX resource center deliver premier collections of online technical resources.

Advisory

Advisory
Advisory

FGX2022-001: SQL Injection in Oracle WebCenter Content Server CVE-2022-21552

Foregenix has identified an SQL injection vulnerability in Oracle WebCenter Content Server. This vulnerability was identified on parts of Oracle WebCenter Content Server that do not require any authentication, hence it is accessible to any network based attacker.

Advisory
Advisory

Disclosure Policy

This document outlines Foregenix’ Vulnerability Disclosure Policy in relation to vulnerabilities identified by Foregenix during the course of its penetration testing engagements. Foregenix believes in coordinated vulnerability disclosure hence we have gone to great lengths to balance this policy accordingly.

Datasheets

Datasheets

OrionX Offensive Services

Discover the most comprehensive and finest intelligence-led offensive security services to stop adversaries disrupting your business.

GitHub

GitHub
GitHub

Returning Patient

A long-haul purely DNS based command and control server/implant.

GitHub
GitHub

Defuji

A small script that can be used to decode user passwords on address book exports from Fuji/Xerox multifunction devices.

GitHub
GitHub

Casbin Enforcers

This repository contains an extension to the casbin framework allowing the user to chain an arbitrary number of custom enforcers. This allows functionality to be layered on top of the default casbin enforcer.

Cometa
Cometa

Interested in learning more about Bespoke Security Assessments?

TRUSTED BY

Join our Community

Subscribe to our blog and discover more about offensive tactics, techniques and procedures.