GOTT Labs

GOTT Labs is an independent cybersecurity research project focused on studying how threats operate in practice, how defensive systems respond under real conditions, and where theory quietly diverges from reality.

This site exists to publish research. Any resemblance to marketing is coincidental.

Research/Write-ups

Filter by Research Area:

Dell RecoverPoint for VMs (CVE-2026-22769)

Published: Februrary 17, 2026

When your backup appliance is also a pre-installed APT welcome mat

CVE-2026-22769 forensics vulnerability
CVE-2026-22769

CVE-2026-1281: The Art of Arithmetic Expansion

Published: Februrary 15, 2026

Forensic analysis of pre-auth RCE exploitation in Ivanti EPMM through esoteric shell evaluation mechanics

CVE-2026-1281 ivanti forensics vulnerability
CVE-2025-1281

Internet Traffic Brokers: TDS and the VexTrio Criminal Enterprise

Published: January 10, 2026

How a Billion-Dollar Cybercrime Operation Hides Behind Legitimate AdTech (Part 1)

research threat_groups
vextrio_tds_part1

MongoBleed Forensics (CVE-2025-14847)

CVE Date: December 26, 2025

MongoBleed, a discussion of forensics and considerations

CVE-2025-14847 mongodb forensics vulnerability
MongoBleed

Trust But Don't Verify (Forti CVE-2025-59718)

CVE Date: November 9, 2025

CVE-2025-59718 & CVE-2025-59719 - Who Needs Signature Verification Anyway?

CVE-2025-59718 fortinet forensics vulnerability
forti_vuln2

CVE-2025-59287 and the WSUS Deserialization Nightmare

CVE Date: October 10, 2025

A critical unauthenticated RCE vulnerability that turned Microsoft's patch delivery system into an attacker's dream"

CVE-2025-59287 forensics vulnerability
wsus_windows

Oracle EBS (CVE-2025-61882)

CVE Date: October 7, 2025

The Zero-Day That Reminded Everyone Why ERP Means "Everyone's Really Pwned"

CVE-2025-61882 oracle_ebs forensics vulnerability
oracle_ebs

SAP NetWeaver VC (CVE-2025-31324)

CVE Date: April 26, 2025

How an obscure endpoint turned SAP NetWeaver into a webshell wonderland

CVE-2025-31324 sap_netweaver forensics vulnerability
sap_netweaver

The FortiGate Backdoor That Wasn't A Backdoor (CVE-2024-55591)

CVE Date: January 14, 2025

When authentication is just a really aggressive suggestion

CVE-2024-55591 fortinet forensics vulnerability
forti_cve1

PAN-OS (CVE-2024-0012 and CVE-2024-9474)

CVE Date: November 18, 2024

When Your Security Appliance Becomes the Vulnerability

CVE-2024-0012 CVE-2024-9474 panos forensics vulnerability
panos_cve

FortiJump Diving board (CVE-2024-47575)

CVE Date: October 23, 2024

How Missing Auth in FortiManager Let UNC5820 Play Musical Chairs with Enterprise Networks

CVE-2024-47575 fortinet forensics vulnerability
fortijump

Luna Moth: When Social Engineering Beats Malware

Post Date: January 02, 2026

How ex-Conti operators are extorting millions without writing a single line of malicious code

luna_moth threat_groups forensics
luna_moth

CVE-2024-53704: SonicWall Session Hijack

CVE Date: November 05, 2024

When 32 Null Bytes Break Authentication and SIEM Logs Miss Everything That Matters

CVE-2024-53704 sonicwall forensics vulnerability
sonicwall

Research Disclaimer

Research published is provided for educational purposes. Findings reflect observed behavior in specific environments and should not be interpreted as universal truth, vendor endorsement, or operational guidance. Techniques discussed may be incomplete, ineffective, or rendered obsolete without notice. Readers are expected to apply judgment, skepticism, and basic security hygiene.