You might like
Happy Friday! I just published XRayC2 a command & control framework that uses AWS X-Ray as a communication channel. medium.com/@dhiraj_mishra… #infosec #redteam
🛠️ A serverless command & control (C2) framework 🗓️ Leverages Google Calendar APIs, as a covert communication channel between operators and a compromised system github.com/deriv-security…
I just published MeetC2 - A serverless command & control (C2) framework that leverages Google Calendar APIs, as a communication channel. github.com/deriv-security… #infosec #redteam
Just thought of sharing. YubiKey's OATH app lets you name accounts anything including base64 files, turning into a tiny file storage. #infosec #redteam
Through libfuzzer, I found a heap-overflow in libssh2 which is now fixed. github.com/inputzero/Secu… #infosec #fuzzing
Yesterday at DEFCON 33, we participated in the Bio Hacking Village and conducted security assessment of PET/CT imaging systems. Successfully identifying three vulnerabilities, which were responsibly reported to the vendor. #infosec #defcon33
Through libFuzzer, double-free of icalproperty objects. github.com/inputzero/Secu… #infosec #fuzzing
Through libFuzzer, LibArchive ACL Buffer Overflow Vulnerability (Low) - github.com/inputzero/Secu… #infosec #fuzzing
I wrote a blog on Medium, "Brewing Trouble - Dissecting a macOS Malware Campaign". medium.com/deriv-tech/bre… #infosec #redteam
Alright! I'll be presenting my tool "SmuggleShield" at BlackHat USA, see you there if you are around.(github.com/RootUp/Smuggle…) #infosec #redteam #blueteam
Offensive Phishing Operations Update 2 Released: maldevacademy.com/phishing-cours… - HTML Smuggling Strategies - Analyzing and Evading SmuggleShield (S/O @RandomDhiraj) - Integrating Anti-Bot With HTML Smuggling - SVG Smuggling - WebAssembly Smuggling
The next update for the Offensive Phishing Operations course will be heavily focused on HTML Smuggling and will be going up against @RandomDhiraj's awesome SmuggleShield. We'll also be demonstrating a module that combines anti-bot capabilities with HTML smuggling. More info:…
Stoked! Our (@r00treaver) work on SVG Smuggling is now part of MITRE ATT&CK (T1027.017)! attack.mitre.org/techniques/T10… #infosec #redteam
Never trust a favicon at face value. 👀 @RandomDhiraj demonstrates how attackers can hide malicious files inside .ico icons by exploiting their dual directory structure — allowing payloads to slip past filters in a stealth move similar to HTML smuggling.
Just learned a neat way of hiding file within favicon (.ico). You can manipulate the dual directory entry structure and smuggle any file type in it. Here is a quick raw script I put together for testing.(github.com/RootUp/Persona…) #infosec #redteam
United States Trends
- 1. #2025MAMAVOTE 1.42M posts
- 2. #KonamiWorldSeriesSweepstakes N/A
- 3. Tyla 17.7K posts
- 4. Fetterman 69.3K posts
- 5. No Kings 152K posts
- 6. Miguel Vick N/A
- 7. Deport Harry Sisson 26.1K posts
- 8. Yung Miami N/A
- 9. Somalia 31K posts
- 10. GTreasury 5,157 posts
- 11. #SpiritDay 1,578 posts
- 12. Dave Dombrowski N/A
- 13. ErgoChair X N/A
- 14. Andrade 6,858 posts
- 15. #thursdayvibes 3,902 posts
- 16. Caresha N/A
- 17. Starting 5 7,896 posts
- 18. Ninja Gaiden 26.2K posts
- 19. #WorldFoodDay 36.8K posts
- 20. Mila 17.8K posts
You might like
-
André Baptista
@0xacb -
Niemand
@niemand_sec -
Jasmin Landry
@JR0ch17 -
streaak
@streaak -
pwnmachine 👾
@princechaddha -
Samuel
@saamux -
Riyaz Walikar
@riyazwalikar -
Armaan Pathan
@armaancrockroax -
gujjuboy10x00
@vis_hacker -
nikhil(niks)
@niksthehacker -
Jon Bottarini
@jon_bottarini -
Mahmoud Gamal
@Zombiehelp54 -
DeepBlue Security & Intelligence
@DeepBlueInfoSec -
Aseem Jakhar
@aseemjakhar -
Rakesh Mane
@RakeshMane10
Something went wrong.
Something went wrong.