https://mkiesel.ch/Manu's personal, mostly infosec-related blogenMon, 09 Feb 2026 00:00:00 +0000A technical deep dive into the lands of Lenovo Vantage and its add-ins, including tooling to help you hunt for vulnerabilitieshttps://mkiesel.ch/posts/lenovo-vantage/@rtfmkieselhttps://mkiesel.ch/posts/lenovo-vantage/Mon, 09 Feb 2026 00:00:00 +0000https://mkiesel.ch/posts/lenovo-vantage/preview_hu_3b398b9783d0be9a.jpgLPE in the Cordaware bestinformed Infoclient (CVE-2025-0425)https://mkiesel.ch/posts/cordaware/@rtfmkieselhttps://mkiesel.ch/posts/cordaware/Tue, 18 Feb 2025 00:00:00 +0000https://mkiesel.ch/posts/cordaware/preview_hu_be1ebe445c764523.jpgTales from installing 16 Swiss tax applicationshttps://mkiesel.ch/posts/swiss-tax-adventures-2/@rtfmkieselhttps://mkiesel.ch/posts/swiss-tax-adventures-2/Fri, 29 Nov 2024 00:00:00 +0000https://mkiesel.ch/posts/swiss-tax-adventures-2/preview_hu_310d0e83bc5cc3b2.jpgDiscovering a mass XXE in Swiss tax applications (CVE-2024-8602)https://mkiesel.ch/posts/swiss-tax-adventures-1/@rtfmkieselhttps://mkiesel.ch/posts/swiss-tax-adventures-1/Sun, 20 Oct 2024 00:00:00 +0000https://mkiesel.ch/posts/swiss-tax-adventures-1/preview_hu_10f0c6a78df2c024.jpgA guide on how to set up mitmproxy on a Raspberry Pi for LAN and Wi-Fi MitMhttps://mkiesel.ch/posts/rpi-mitmproxy/@rtfmkieselhttps://mkiesel.ch/posts/rpi-mitmproxy/Wed, 09 Oct 2024 00:00:00 +0000https://mkiesel.ch/posts/rpi-mitmproxy/build_hu_1798ab4d9af30a7a.jpgHow to achieve persistence by backdooring installed VSCode pluginshttps://mkiesel.ch/posts/vscode-plugin-persistence/@rtfmkieselhttps://mkiesel.ch/posts/vscode-plugin-persistence/Sun, 30 Jun 2024 00:00:00 +0000https://mkiesel.ch/posts/vscode-plugin-persistence/plugin_persistence_preview_hu_2f08673a7be11704.jpgHow to force Electron applications into using your HTTP proxyhttps://mkiesel.ch/posts/electron-proxy-injection/@rtfmkieselhttps://mkiesel.ch/posts/electron-proxy-injection/Thu, 29 Feb 2024 00:00:00 +0000https://mkiesel.ch/posts/electron-proxy-injection/appjs_preview_hu_84851e18aed33877.jpgBypassing USB poilicies using WebSerial and microcontrollershttps://mkiesel.ch/posts/comfiltrat0r/@rtfmkieselhttps://mkiesel.ch/posts/comfiltrat0r/Wed, 25 Oct 2023 00:00:00 +0000https://mkiesel.ch/posts/comfiltrat0r/comfiltrat0r_logo_preview_hu_d3c305ccd37be4b3.jpgHow I gained RCE on a DVR by uploading a malicious backup (CVE-2022-40799)https://mkiesel.ch/posts/dlink-dnr322/@rtfmkieselhttps://mkiesel.ch/posts/dlink-dnr322/Tue, 27 Sep 2022 00:00:00 +0000https://mkiesel.ch/posts/dlink-dnr322/dnr322_preview_hu_5715de3c0c41b841.jpgGetting a root shell on the D-Link DCS-5222 by manipulating uBoot parameters via UARThttps://mkiesel.ch/posts/dlink-dcs5222/@rtfmkieselhttps://mkiesel.ch/posts/dlink-dcs5222/Tue, 23 Aug 2022 00:00:00 +0000https://mkiesel.ch/posts/dlink-dcs5222/dcs5222_preview_hu_d0765e00993a2474.jpgReplacing bookmarks post-exploit for fun and profithttps://mkiesel.ch/posts/evilbookmark/@rtfmkieselhttps://mkiesel.ch/posts/evilbookmark/Sun, 23 Jan 2022 00:00:00 +0000https://mkiesel.ch/posts/evilbookmark/evilbookmark_preview_hu_2555e0d9c869caad.jpgInvestigating possible planned obsolescence in my toothbrushhttps://mkiesel.ch/posts/toothbrush/@rtfmkieselhttps://mkiesel.ch/posts/toothbrush/Sat, 04 Sep 2021 00:00:00 +0000https://mkiesel.ch/posts/toothbrush/tb_preview_hu_d998e20caa00e5d6.jpgUsing PowerShell to make post-exploit phishing formshttps://mkiesel.ch/posts/powerphish/@rtfmkieselhttps://mkiesel.ch/posts/powerphish/Sun, 01 Aug 2021 00:00:00 +0000https://mkiesel.ch/posts/powerphish/powerphish_preview_hu_115c703862381985.jpg