Skip to main content

t1nt1n

CVE-2025-33053 Analysis

# Introduction

Hello fellow researcher! In this blogpost, we are going to do a deep analysis of CVE-2025-33053. How this simple yet sneaky tactic was/is being used by APT Group Stealth Falcon. Stealth Falcon, also known as Project Raven, G0038, and FruityArmor, is a cyberespionage group linked to the United Arab Emirates (UAE). They have been active since at least 2012, targeting political activists, journalists, and dissidents primarily in the Middle East, including the UAE, as well as individuals and entities in countries like the Netherlands, Saudi Arabia, Thailand, and the United Kingdom.

Peculiar Pentest Scenes - Client-side HTTP Encryption Folly

Hello fellow researcher! Welcome to the Chapter 1 of Peculiar Pentest Scenes series of blogs, where I take you through weird situations that I have encountered while being in different penetration testing engagements. In this post, I’m going to take you through Client-side HTTP Encryption and it’s nuances, how easy it can be to exploit web and mobile applications implementing this feature, and what are the possible right/correct ways to do it.

Setup a lovely little portfolio with hugo

Hugo is an amazing tool. It’s a powerful static site generator that can be used to create a beautiful websites. Hugo, is world’s fastest static website engine. What I like about Hugo is it’s speed and flexibility.

For my blog I can just use some simple Markdown files, and Hugo build the site for me. This helps me to create a blog that is easy to manage. For starters I followed the Hugo quick start tutorial to setup a my portfolio website.