ClawJacked WebSocket Hijack: AI Agent Command Injection TTPs
Mar 1 · 6 min read · Originally published on satyamrastogi.com ClawJacked vulnerability enables malicious websites to hijack local OpenClaw AI agents via WebSocket connection abuse, allowing remote command execution on victim systems. Executive Summary The ClawJacked v...
Join discussion
CVE-2026-2329: Grandstream VoIP RCE Attack Chain Analysis
Feb 23 · 5 min read · Originally published on satyamrastogi.com CVE-2026-2329 allows attackers to achieve remote code execution on Grandstream VoIP phones without authentication, leading to complete device compromise and call surveillance capabilities. Executive Summary...
Join discussion
Shields Up Defense Tech: Red Team Attack Surface Expansion
Feb 22 · 5 min read · Originally published on satyamrastogi.com Analysis of how cybersecurity defense technologies introduce new attack surfaces. Red team perspective on exploiting AI-powered security tools, cloud-native defenses, and zero trust architectures for initial...
Join discussion
Best AI Pentesting Tools in 2026
Feb 18 · 8 min read · In 2026, relying on yesterday’s security tools is like using a traditional map in the world of Google Maps. As cyberattacks grow more automated, organizations need smarter defenses. AI penetration testing tools help teams detect vulnerabilities faste...
Join discussionHackTheBox Meow (Linux Room) — Full Walkthrough
Feb 7 · 3 min read · This blog post documents my complete walkthrough of the Meow box on HackTheBox, from the theoritical questions to the practical enumeration phase. The goal was to practice a basic telnet login for beginners. This is part of the “Starting Point” found...
Join discussion