https://segfault.solutions Pentesting, hardware hacking, CTFs and RF — by Jimmy en-us Thu, 16 Apr 2026 20:50:01 +0000 Thu, 16 Apr 2026 20:47:20 +0000 60 https://segfault.solutions/segfault-handler.html edc6997a1675a85711510f4110b2fae1 Thu, 16 Apr 2026 20:47:20 +0000 project Segfault Handler is a custom reverse shell handler built in Python for the Segfault.Solutions HTB team. It replaces netcat listeners with a full-featured multi-session terminal — auto-upgrading raw shells to PTY, detecting OS and hostname on connect, and providing a modular post-exploitation framewo… https://segfault.solutions/esp32div.html 4583cf96ed2b0cf01defffee26517e0f Wed, 15 Apr 2026 12:43:00 +0000 project The ESP32 DIV v2.1 is an open-source multi-band wireless testing toolkit by CiferTech, built around the ESP32-S3. It supports WiFi, BLE, 2.4GHz and Sub-GHz frequencies — designed for wireless testing, signal analysis, jamming research and protocol exploration. The v2.1 is modular — a stable core boa… https://segfault.solutions/proxmark.html 1a0baab4382acf59607060b47ec7300c Fri, 10 Apr 2026 12:27:30 +0000 project The Proxmark3 RDV4 is a high-performance open-source RFID/NFC research platform. Compared to earlier revisions, the RDV4 ships with a redesigned antenna system — dedicated LF (125 kHz) and HF (13.56 MHz) modules — plus onboard SPI flash for standalone scripts and an optional Bluetooth add-on. Runnin… https://segfault.solutions/htb-devarea-autopwn.html 2fd63367029e92f4dee95206cfd14171 Thu, 09 Apr 2026 12:18:52 +0000 project DevArea is a medium-difficulty Linux box centred around a Java SOAP web service running on port 8080. The service accepts MTOM (SOAP with attachments) and is vulnerable to XOP Include LFI — an attacker can read arbitrary files by injecting an xop:Include element pointing at a local path. This leaks … https://segfault.solutions/writeup.html?file=writeups/htb-garfield.md d1c19ddbd2f9d118323f02d25b2ed2bc Sun, 05 Apr 2026 00:00:00 +0000 writeup Difficulty: hard · OS: windows · Tags: RBCD, RODC, Golden Ticket, Key List Attack, ForceChangePassword, WinRM, logon script abuse, Pass-the-Hash, secretsdump, AD https://segfault.solutions/halehound.html 20eb41e35c7e17e2713eb25b94668336 Wed, 01 Apr 2026 15:28:52 +0000 project HaleHound CYD is the ESP32-DIV HaleHound Edition ported to the Cheap Yellow Display — a 2.8" ESP32 touchscreen device. It's a multi-protocol offensive security toolkit covering WiFi, Bluetooth, 2.4GHz (NRF24) and Sub-GHz (CC1101) with GPS wardriving — all controlled via the touchscreen. Currently on… https://segfault.solutions/hackrf-sstv.html 01f2b228b72ff11bfeae9afd8b9adc4f Wed, 01 Apr 2026 15:20:46 +0000 project Using a HackRF One SDR and hacktv to transmit analog television signals received on a vintage Sony Watchman FD-230 portable CRT TV. The project explores legacy analog broadcast standards — PAL and NTSC — encoding video from arbitrary sources and transmitting on VHF frequencies picked up by the Watch… https://segfault.solutions/writeup.html?file=writeups/htb-devarea.md 4c952e48f16fbfaef7f31dc0cb47b63c Sun, 29 Mar 2026 00:00:00 +0000 writeup Difficulty: medium · OS: linux · Tags: FTP, SSRF, XOP/MTOM, RCE, command injection, symlink, privesc https://segfault.solutions/magspoof.html a4d68834cf2948a9bf895c43aa91cab3 Fri, 27 Mar 2026 21:37:19 +0000 project A custom-built magnetic stripe emulator based on Samy Kamkar's original MagSpoof concept, redesigned with a custom PCB. The device wirelessly emulates magstripe cards on traditional readers — no NFC or RFID required. Built for research and educational purposes. https://segfault.solutions/protopirate.html 30a6acf53e1cc4b182a675ea7a3286f5 Fri, 27 Mar 2026 21:37:18 +0000 project Testing the ProtoPirate feature built into the Evil Crow RF v2 Android app. The setup uses a Flipper Zero to transmit a known fob signal while the Evil Crow RF v2 captures and analyses it. The device is controlled wirelessly via the Evil Crow RF v2 Android app over Bluetooth. https://segfault.solutions/reaperai.html d6df37cf728749670bf43c5d83b7c44e Sat, 21 Mar 2026 02:26:53 +0000 project ReaperAI is an automated pentesting assistant powered by Claude AI and Claude Code, connected to Kali Linux via MCP (Model Context Protocol). A single command triggers a 4-agent pipeline — Planner, Recon, Pentester and Reporter — that autonomously maps, attacks and documents a target. https://segfault.solutions/writeup.html?file=writeups/htb-kobold.md 62d6dd6269e13525344863487885b553 Sat, 21 Mar 2026 00:00:00 +0000 writeup Difficulty: easy · OS: linux · Tags: MCP RCE, LFI, config leak, JWT, container escape https://segfault.solutions/cve-2025-55182.html 4c9ae2914e577c1489b55c3d5e8a1d7d Tue, 17 Mar 2026 06:56:17 +0000 project CVE-2025-55182, dubbed React2Shell, is a critical unauthenticated RCE vulnerability in React Server Components disclosed December 3, 2025 by researcher Lachlan Davidson. A single crafted HTTP POST triggers unsafe deserialization in the React Flight protocol — no authentication, no user interaction, … https://segfault.solutions/keeloq.html dcdb76b6d3626d12a4fed4d5d7f30d45 Tue, 17 Mar 2026 06:31:54 +0000 project https://segfault.solutions/writeup.html?file=writeups/htb-cctv.md 8d7160fddbb3483e608e4531ef1d9133 Mon, 16 Mar 2026 00:00:00 +0000 writeup Difficulty: easy · OS: linux · Tags: CAP_NET_RAW, MotionEye, PHP, RCE, SQLI · CVEs: CVE-2024-51482, CVE-2025-60787 https://segfault.solutions/writeup.html?file=writeups/htb-pirate.md 17d44307ab736c001e6b0aac4de91381 Sun, 08 Mar 2026 00:00:00 +0000 writeup Difficulty: hard · OS: windows · Tags: Active-Directory, NTLM-relay, GMSA abuse, SPN, Potatoo, ACL abuse https://segfault.solutions/writeup.html?file=writeups/htb-interpreter.md 9e73ecfae216e48a983ee573ae70f963 Sun, 22 Feb 2026 00:00:00 +0000 writeup Difficulty: medium · OS: linux · Tags: cve, rce, java, xml, ssti https://segfault.solutions/writeup.html?file=writeups/htb-wingdata.md 6bcac2451ad8f07b6bd02bf85d477655 Sun, 15 Feb 2026 00:00:00 +0000 writeup Difficulty: easy · OS: linux · Tags: cve, rce, hash https://segfault.solutions/writeup.html?file=writeups/htb-facts.md b8e9295034e61f083c1ae534c5f2852c Sun, 01 Feb 2026 00:00:00 +0000 writeup Difficulty: easy · OS: linux · Tags: web, api, idor,s3 https://segfault.solutions/writeup.html?file=writeups/htb-variatype.md f8644b4a805da527f34ce75ae026b3ea Sat, 15 Mar 2025 00:00:00 +0000 writeup Difficulty: medium · OS: linux · Tags: git, lfi, rce, deserialization https://segfault.solutions/writeup.html?file=writeups/htb-pterodactyl.md b23e22c073550600cd2518f2e7221c7f Sat, 08 Feb 2025 00:00:00 +0000 writeup Difficulty: medium · OS: linux · Tags: RCE, CVE-2025-49132, PAM, XFS, opensuse, docker,