Mind the gravity

A black-box scanner sends its prayers into the dark.

Blackhole answers with pages, headers, flows, lies, half-truths, and—when needed—the unpleasant courtesy of ground truth.

Blackhole is a Python ASGI mock server for black-box scanner testing, education, and reproducible benchmarking. It serves vulnerable-looking behavior from replay profiles and explicit stateful mini-flows, while exposing a truth/scoring API to compare scanner findings against expected cases.

In other words: a scanner can hallucinate, overfit, panic, or boast. Blackhole keeps the receipts.

And every white hat should remember: all requests eventually fall into the black hole.
https://github.com/scadastrangelove/zhet-blackhole

I JUST WANTED TO… GRAFUNA RED TEAM

Observability is about visibility.

Visibility works both ways. If you can see it, someone else can too.

This post is the polite version of a talk I gave. The impolite version is the repo.

https://github.com/scadastrangelove/zeronights2025-GRAFUNA 

EPSS, KEV, and the Joy of Predicting the Past

There is a recurring belief in security that if we just collect enough numbers, the future will eventually confess.

EPSS is one such number.

A clean decimal. A percentile. A promise.

So we asked a boring question: what if you actually ran patch management using EPSS thresholds? Not in theory. Not in slides. In reality—against vulnerabilities that were already exploited.

We took all vulnerabilities added to CISA’s KEV catalog in 2025. KEV is not a model. It is not predictive. It is simply a list of things that were exploited hard enough that someone had to admit it.
Nerds welcome.. 

 

CVE-2025-20352: Exposed SNMP is “not a vuln”? 0kk...

It’s just a friendly UDP oracle telling strangers what your routers are, how old they are, and whether they like to take naps when prodded. Totally fine.

CVE-2025-20352 lives in Cisco IOS/IOS XE’s SNMP stack. Crafted packets + creds = sad router. While everyone argues about advisory footnotes, we do the boring part: find what talks SNMP with default communities and tag what looks at risk.

https://github.com/scadastrangelove/CVE-2025-20352 

Nuk‑Nuke

https://github.com/scadastrangelove/nuknuke 

A lightning‑fast decoy web‑server that fools vulnerability scanners by feeding them the answers they expect. Inspired by the 90‑s WinNuke prank and written for ProjectDiscovery’s Nuclei, Nuk‑Nuke parses every template under ~/nuclei‑templates, spins up a single‑py server and replies in a way that always triggers a positive match. Ideal for red‑blue exercises, honeynets or throttling noisy pentest pipelines without touching your production code.

YAUZA CTF 2021

For 48 hours, participants will be able to solve tasks of all categories: web, reverse, pwn, forensics, crypto, OSINT, joy. Also new categories have been added: hardware, pentest and emulation!

https://yauzactf.com/en

NVIDIA DGX A100 Security Update

The DGX A100 System Firmware Update container version 20.11.3 for Ubuntu with BMC version 00.13.04 fixes vulnerabilities described in NVIDIA Security Bulletin 5010 such as CVE‑2020‑11487.

More details can be found in recent AISec talks and releases. 

Enjoy