https://www.assetnote.io https://www.assetnote.io/why-assetnote https://www.assetnote.io/company/about-us https://www.assetnote.io/company/careers https://www.assetnote.io/company/contact https://www.assetnote.io/resources/resources-overview https://www.assetnote.io/demo https://www.assetnote.io/thank-you https://www.assetnote.io/resources/research https://www.assetnote.io/home--back-up https://www.assetnote.io/resources/blog/a-deep-dive-into-three-servicenow-vulnerabilities-with-adam-kues https://www.assetnote.io/resources/blog/beyond-daily-scanning-staying-ahead-with-proactive-security-strategies https://www.assetnote.io/resources/blog/beyond-shadow-it-understanding-the-true-attack-surface-of-your-software https://www.assetnote.io/resources/blog/chaining-three-bugs-to-access-all-your-servicenow-data-live-q-a https://www.assetnote.io/resources/blog/confusion-in-the-attack-surface-management-market---surfacing-security-ep-6 https://www.assetnote.io/resources/blog/internet-wide-recon-moving-past-ip-centric-approaches https://www.assetnote.io/resources/blog/maximizing-security-outcomes-the-role-of-asm-in-bug-bounty-programs https://www.assetnote.io/resources/blog/searchlight-cyber-acquires-assetnote-to-enhance-continuous-threat-exposure-management https://www.assetnote.io/resources/blog/securing-your-digital-perimeter-external-attack-surface-management-in-2023 https://www.assetnote.io/resources/blog/the-art-of-recon-strategies-for-modern-asset-discovery https://www.assetnote.io/resources/blog/the-unknown-complexities-of-dns-resolution https://www.assetnote.io/resources/blog/the-untold-story-of-assetnote-origins-and-evolution---surfacing-security-ep-3 https://www.assetnote.io/resources/blog/uncovering-critical-vulnerabilities-in-magento-a-deep-dive---surfacing-security-ep-5 https://www.assetnote.io/resources/blog/what-is-true-attack-surface-management-asm---surfacing-security-ep-4 https://www.assetnote.io/resources/research/a-glossary-of-blind-ssrf-chains https://www.assetnote.io/resources/research/abusing-functionality-to-exploit-a-super-ssrf-in-jira-server-cve-2022-26135 https://www.assetnote.io/resources/research/advisory-citrix-gateway-open-redirect-and-xss-cve-2023-24488 https://www.assetnote.io/resources/research/advisory-dotcms-remote-code-execution-cve-2022-26352 https://www.assetnote.io/resources/research/advisory-dynamicweb-logic-flaw-leading-to-rce-cve-2022-25369 https://www.assetnote.io/resources/research/advisory-flarum-lfi-cve-2023-40033 https://www.assetnote.io/resources/research/advisory-jamf-pro-ssrf-cve-2021-39303-cve-2021-40809 https://www.assetnote.io/resources/research/advisory-metabase-pre-auth-rce-cve-2023-38646 https://www.assetnote.io/resources/research/advisory-multiple-vulnerabilities-in-progress-ipswitch-whatsup-gold https://www.assetnote.io/resources/research/advisory-next-js-ssrf-cve-2024-34351 https://www.assetnote.io/resources/research/advisory-oracle-opera-pre-auth-rce-cve-2023-21932 https://www.assetnote.io/resources/research/advisory-progress-ws-ftp-rce-cve-2023-40044 https://www.assetnote.io/resources/research/advisory-reflected-cross-site-scripting-in-cpanel-cve-2023-29489 https://www.assetnote.io/resources/research/advisory-server-side-request-forgery-in-jira-server-cve-2022-26135 https://www.assetnote.io/resources/research/advisory-sharefile-pre-auth-rce-cve-2023-24489 https://www.assetnote.io/resources/research/advisory-sitecore-rce-via-insecure-deserialization-cve-2021-42237 https://www.assetnote.io/resources/research/advisory-solarwinds-web-help-desk-arbitrary-hql-evaluation-cve-2021-35232 https://www.assetnote.io/resources/research/advisory-vmware-workspace-one-access-cve-2021-22056 https://www.assetnote.io/resources/research/advisory-vmware-workspace-one-uem-ssrf-cve-2021-22054 https://www.assetnote.io/resources/research/advisory-websphere-portal-ssrfs-post-auth-rce-cve-2021-27748 https://www.assetnote.io/resources/research/analysis-of-cve-2023-3519-in-citrix-adc-and-netscaler-gateway https://www.assetnote.io/resources/research/analysis-of-cve-2023-3519-in-citrix-adc-and-netscaler-gateway-part-2 https://www.assetnote.io/resources/research/breaking-bitbucket-pre-auth-remote-command-execution-cve-2022-36804 https://www.assetnote.io/resources/research/bypass-iis-authorisation-with-this-one-weird-trick-three-rces-and-two-auth-bypasses-in-sitecore-9-3 https://www.assetnote.io/resources/research/chaining-our-way-to-pre-auth-rce-in-metabase-cve-2023-38646 https://www.assetnote.io/resources/research/chaining-three-bugs-to-access-all-your-servicenow-data https://www.assetnote.io/resources/research/chaining-vulnerabilities-to-criticality-in-progress-whatsup-gold https://www.assetnote.io/resources/research/citrix-bleed-leaking-session-tokens-with-cve-2023-4966 https://www.assetnote.io/resources/research/citrix-denial-of-service-analysis-of-cve-2024-8534 https://www.assetnote.io/resources/research/cloudflare-pages-part-1-the-fellowship-of-the-secret https://www.assetnote.io/resources/research/cloudflare-pages-part-2-the-two-privescs https://www.assetnote.io/resources/research/cloudflare-pages-part-3-the-return-of-the-secrets https://www.assetnote.io/resources/research/contextual-content-discovery-youve-forgotten-about-the-api-endpoints https://www.assetnote.io/resources/research/continuing-the-citrix-saga-cve-2023-5914-cve-2023-6184 https://www.assetnote.io/resources/research/digging-for-ssrf-in-nextjs-apps https://www.assetnote.io/resources/research/discovering-a-zero-day-and-getting-code-execution-on-mozillas-aws-network https://www.assetnote.io/resources/research/discovering-full-read-ssrf-in-jamf-cve-2021-39303-cve-2021-40809 https://www.assetnote.io/resources/research/diving-deeper-into-watchguard-pre-auth-rce-cve-2022-26318 https://www.assetnote.io/resources/research/doing-the-due-diligence-analyzing-the-next-js-middleware-bypass-cve-2025-29927 https://www.assetnote.io/resources/research/eliminating-dangling-elastic-ip-takeovers-with-ghostbuster https://www.assetnote.io/resources/research/encrypted-doesnt-mean-authenticated-sharefile-rce-cve-2023-24489 https://www.assetnote.io/resources/research/encrypting-our-way-to-ssrf-in-vmware-workspace-one-uem-cve-2021-22054 https://www.assetnote.io/resources/research/expanding-the-attack-surface-react-native-android-applications https://www.assetnote.io/resources/research/exploiting-an-order-of-operations-bug-to-achieve-rce-in-oracle-opera https://www.assetnote.io/resources/research/exploiting-graphql https://www.assetnote.io/resources/research/exploiting-hardcoded-keys-to-achieve-rce-in-yellowfin-bi https://www.assetnote.io/resources/research/exploiting-static-site-generators-when-static-is-not-actually-static https://www.assetnote.io/resources/research/finding-and-exploiting-citrix-netscaler-buffer-overflow-cve-2023-3519-part-3 https://www.assetnote.io/resources/research/finding-hidden-files-and-folders-on-iis-using-bigquery https://www.assetnote.io/resources/research/finding-xss-in-a-million-websites-cpanel-cve-2023-29489 https://www.assetnote.io/resources/research/gaining-access-to-ubers-user-data-through-ampscript-evaluation https://www.assetnote.io/resources/research/getting-access-to-zendesks-google-cloud-and-artifactory-from-github-dotfile-repos https://www.assetnote.io/resources/research/h2c-smuggling-in-the-wild https://www.assetnote.io/resources/research/hacking-a-bank-by-finding-a-0day-in-dotcms https://www.assetnote.io/resources/research/hacking-on-bug-bounties-for-four-years https://www.assetnote.io/resources/research/high-signal-detection-and-exploitation-of-ivantis-pulse-connect-secure-auth-bypass-rce https://www.assetnote.io/resources/research/how-an-obscure-php-footgun-led-to-rce-in-craft-cms https://www.assetnote.io/resources/research/insecurity-through-censorship-vulnerabilities-caused-by-the-great-firewall https://www.assetnote.io/resources/research/ivantis-pulse-connect-secure-auth-bypass-round-two https://www.assetnote.io/resources/research/leaking-file-contents-with-a-blind-file-oracle-in-flarum https://www.assetnote.io/resources/research/leveraging-an-order-of-operations-bug-to-achieve-rce-in-sitecore-8-x---10-x https://www.assetnote.io/resources/research/logic-flaw-leading-to-rce-in-dynamicweb-9-5-0-9-12-7 https://www.assetnote.io/resources/research/moveit-transfer-rce-part-two-cve-2023-34362 https://www.assetnote.io/resources/research/nginx-apache-path-confusion-to-auth-bypass-in-pan-os https://www.assetnote.io/resources/research/patch-diffing-progress-moveit-transfer-rce-cve-2023-34362 https://www.assetnote.io/resources/research/pre-auth-rce-in-aspera-faspex-case-guide-for-auditing-ruby-on-rails https://www.assetnote.io/resources/research/rce-in-avaya-aura-device-services https://www.assetnote.io/resources/research/rce-in-progress-ws-ftp-ad-hoc-via-iis-http-modules-cve-2023-40044 https://www.assetnote.io/resources/research/reversing-citrix-gateway-for-xss https://www.assetnote.io/resources/research/sitecore-experience-platform-pre-auth-rce-cve-2021-42237 https://www.assetnote.io/resources/research/solarwinds-web-help-desk-when-the-helpdesk-is-too-helpful https://www.assetnote.io/resources/research/stealing-administrative-jwts-through-post-auth-ssrf-cve-2021-22056 https://www.assetnote.io/resources/research/taking-over-azure-devops-accounts-with-1-click https://www.assetnote.io/resources/research/turning-bad-ssrf-to-good-ssrf-websphere-portal-cve-2021-27748 https://www.assetnote.io/resources/research/two-bytes-is-plenty-fortigate-rce-with-cve-2024-21762 https://www.assetnote.io/resources/research/understanding-cve-2022-22972-vmware-workspace-one-access-auth-bypass https://www.assetnote.io/resources/research/why-nested-deserialization-is-harmful-magento-xxe-cve-2024-34102 https://www.assetnote.io/resources/research/zoom-zero-day-followup-getting-the-rce https://www.assetnote.io/use-cases/attack-surface-reduction https://www.assetnote.io/use-cases/bug-bounty-readiness https://www.assetnote.io/use-cases/continuous-asset-discovery-and-inventory https://www.assetnote.io/use-cases/continuous-security-monitoring https://www.assetnote.io/use-cases/mergers-and-acquisitions https://www.assetnote.io/use-cases/surface-api-security https://www.assetnote.io/use-cases/surface-application-infrastructure https://www.assetnote.io/use-cases/surface-cloud-platforms https://www.assetnote.io/platform/asset-discovery https://www.assetnote.io/platform/asset-enrichment https://www.assetnote.io/platform/assetnote-exposure-engine https://www.assetnote.io/platform/collaborative-workflows https://www.assetnote.io/platform/customization https://www.assetnote.io/platform/expert-security-research https://www.assetnote.io/policies/privacy-policy