Assetnote Blog
Attack surface management and zero-day research

Assetnote is world-renowned for their ability to find critical zero-day vulnerabilities in enterprise-grade software. Their blog is a masterclass in attacking the “unattackable” infrastructure that powers the Fortune 500.
Research Highlights
Enterprise Zero-Days
- Jira & Confluence: Chaining complex logic flaws into RCE.
- F5 & Ivanti: Analyzing critical vulnerabilities in networking appliances.
- SAML & Auth: Breaking enterprise identity providers.
Attack Surface Mapping
- Kube-Hunter: Exploiting misconfigured Kubernetes clusters.
- Subdomain Takeovers: Novel vectors in modern cloud environments.
Why Follow This Blog
Assetnote’s unique position—combining attack surface management product development with active security research—produces insights that bridge the gap between theoretical vulnerabilities and real-world exploitation. Their research consistently identifies critical flaws in the enterprise software that organizations assume is secure.
Key Topics Covered
Enterprise Application Security
- Atlassian Products: Jira, Confluence, Bitbucket vulnerabilities
- ServiceNow: IT service management platform security
- SAP Systems: Enterprise resource planning exploitation
- Oracle Applications: Database and application server vulnerabilities
- Microsoft Products: Exchange, SharePoint, and enterprise suite
Authentication & Identity
- SAML Exploitation: Single sign-on vulnerability research
- OAuth Attacks: Authorization framework flaws
- LDAP Injection: Directory service vulnerabilities
- Kerberos: Windows authentication attacks
- SSO Bypass: Enterprise identity provider weaknesses
Network Infrastructure
- Load Balancers: F5, Citrix, and traffic management devices
- VPN Appliances: Remote access infrastructure security
- Firewalls: Next-generation firewall vulnerabilities
- API Gateways: Application delivery controller flaws
Cloud & Container Security
- Kubernetes: Cluster misconfiguration and exploitation
- Container Escapes: Breaking container isolation
- Cloud Metadata: Instance metadata service attacks
- Serverless: Function-as-a-service security issues
Attack Surface Discovery
- Subdomain Enumeration: Finding forgotten assets
- Service Discovery: Identifying exposed applications
- Technology Fingerprinting: Understanding target stacks
- Vulnerability Correlation: Mapping exposure to exploitability
Research Methodology
Attack Surface Perspective
Assetnote’s approach starts with:
- Understanding what’s exposed
- Mapping technology stacks
- Identifying high-value targets
- Prioritizing based on exploitability
Deep Technical Analysis
Research includes:
- Source code review where possible
- Binary reverse engineering
- Protocol analysis
- Patch diffing
Responsible Disclosure
Maintaining vendor relationships through:
- Coordinated disclosure timelines
- Detailed technical reports
- Collaboration on fixes
Notable Research
Atlassian Vulnerabilities
Multiple critical findings:
- Pre-authentication RCE chains
- Template injection vulnerabilities
- Authentication bypass techniques
- Data exposure issues
Network Appliance Research
Critical discoveries in:
- F5 BIG-IP exploitation
- Ivanti/Pulse Secure vulnerabilities
- Citrix ADC attacks
- Load balancer security