GOTT Labs

GOTT Labs is an independent cybersecurity research project focused on studying how threats operate in practice, how defensive systems respond under real conditions, and where theory quietly diverges from reality.

This site exists to publish research. Any resemblance to marketing is coincidental.

Research/Write-ups

MongoBleed Forensics (CVE-2025-14847)

CVE Date: December 26, 2025

MongoBleed, a discussion of forensics and considerations

CVE-2025-14847 mongodb forensics
MongoBleed

Oracle EBS (CVE-2025-61882)

CVE Date: October 7, 2025

The Zero-Day That Reminded Everyone Why ERP Means "Everyone's Really Pwned"

CVE-2025-61882 oracle_ebs forensics
oracle_ebs

SAP NetWeaver VC (CVE-2025-31324)

CVE Date: April 26, 2025

How an obscure endpoint turned SAP NetWeaver into a webshell wonderland

CVE-2025-31324 sap_netweaver forensics
sap_netweaver

The FortiGate Backdoor That Wasn't A Backdoor (CVE-2024-55591)

CVE Date: January 14, 2025

When authentication is just a really aggressive suggestion

CVE-2024-55591 fortigate forensics
fortigate_cve

PAN-OS (CVE-2024-0012 and CVE-2024-9474)

CVE Date: November 18, 2024

When Your Security Appliance Becomes the Vulnerability

CVE-2024-0012 CVE-2024-9474 panos forensics
panos_cve

FortiJump Diving board (CVE-2024-47575)

CVE Date: October 23, 2024

How Missing Auth in FortiManager Let UNC5820 Play Musical Chairs with Enterprise Networks

CVE-2024-47575 fortigate forensics
fortijump

Research Disclaimer

Research published is provided for educational purposes. Findings reflect observed behavior in specific environments and should not be interpreted as universal truth, vendor endorsement, or operational guidance. Techniques discussed may be incomplete, ineffective, or rendered obsolete without notice. Readers are expected to apply judgment, skepticism, and basic security hygiene.