Ofir Yakobi, Author at Orca Security

Leveraging Nuclei Templates to Identify Risks and Threats in Critical Cloud Applications

Technical Deep Dives

Leveraging Nuclei Templates to Identify Risks and Threats in Critical Cloud Applications

Table of contentsBuilding the vulnerable scenariosScenario 1: Web application vulnerabilityScenario 2: CI/CD server vulnerabilityAutomated vulnerability detection using Nuclei templatesScenario 1:...

Apr 03, 2024

POC and Explanation of Critical TeamCity Authentication Bypass Vulnerability (CVE-2024-27198)

‘Orca Watch’ Series

POC and Explanation of Critical TeamCity Authentication Bypass Vulnerability (CVE-2024-27198)

With 84% of vulnerable and exposed TeamCity servers likely already compromised, the recent issue in JetBrains’ TeamCity illustrates how a...

Mar 20, 2024

How the Sys:All Loophole Allowed Us To Penetrate GKE Clusters in Production

Discovered Vulnerabilities

How the Sys:All Loophole Allowed Us To Penetrate GKE Clusters in Production

Following our discovery of a critical loophole in Google Kubernetes Engine (GKE) dubbed Sys:All, we decided to conduct research into...

Jan 24, 2024

All articles by Ofir Yakobi

Leveraging Nuclei Templates to Identify Risks and Threats in Critical Cloud Applications

POC and Explanation of Critical TeamCity Authentication Bypass Vulnerability (CVE-2024-27198)

How the Sys:All Loophole Allowed Us To Penetrate GKE Clusters in Production

See Orca Security in Action

Cloud Security Platform

Technology Ecosystem

By Solution

By Industry

Comparisons