Ben 🇺🇸
@coremedd
Red Team Engineer @ Fintech
You might like
Most small orgs without a dedicated security team would be better off investing the time/$$$ in a good password manager over an EDR. Naturally not mutually exclusive - too many folk underestimate the effectiveness of a good password manager and passkeys.
THAT’S IT? This is what 20 years’ worth of spent nuclear fuel looks like safely stored at the former Maine Yankee nuclear plant. The plant generated 119 billion kilowatt hours of reliable power from 1972-1996, which is enough to power half a million homes each year.
any red teamer born after 2001 can't hack... all they know is bloodhound, charge they macbook, sliver c2, be oscp, write bof & lie
Introducing Wyrm, currently in pre-release - a bit of a hobby project which I am working towards v1.0 for, a Red Team C2 framework which one day will hopefully rival Cobalt Strike, Sliver, etc in terms of capability. Come check it out here! github.com/0xflux/wyrm #redteam…
Next week we are releasing a RunPE implementation which has been tested thoroughly against several EDRs. The demonstration video shows the implementation running Mimikatz and successfully evading PE-sieve.
Red teaming (in InfoSec) originally meant breaking into organizations and demonstrating real impact by testing assumptions, technologies, and processes with minimal restrictions before frameworks like MITRE ATT&CK and the rise of purple teaming. Over time, some people began using…
mitmproxy is in the Microsoft Store, just in case you need it for some reason. #LivingOffMicrosoftStore
Disappointing red team affirmations
Exciting updates coming soon! - New specialized training arriving by the end of the month. - The Malware Development course will be adding modules based around AD attacks. - The Offensive Phishing Ops course will be getting a specialized Living off Trusted Sites (LOTS)…
This was kinda interesting to run into in the wild - the developer of this malware wanted to terminate all TCP connections of a process via the TCP table. Instead of using SetTcpEntry, they reimplemented the entire function by copying the underlying implementation from…
Introducing Havoc Professional: A Lethal Presence We’re excited to share a first look at Havoc Professional, a next-generation, highly modular Command and Control framework, and Kaine-kit our fully Position Independent Code agent engineered for stealth! infinitycurve.org/blog/introduct…
Securing Public GraphQL APIs - A Practical Guide for Developers 0xd33r.com/article/2025/g… Seeing GraphQL left wide open is still way too common—introspection, broken auth, and resolver-level access issues that lead to full compromise. I wrote a practical guide to locking it down.
So excited to speak at #BHUSA for the first time this year! I'll talk about training LLMs on verifiable tasks (including what exactly that means) with a case study automating some maldev work.
Me and the homies are dropping browser exploits on the red team engagement 😎. Find out how to bypass WDAC + execute native shellcode using this one weird trick -- exploiting the V8 engine of a vulnerable trusted application. ibm.com/think/x-force/…
Loading a DLL into lsass.exe by editing a registry key value: github.com/Maldev-Academy…
Very proud of this. You can run arbitrary BOFs through Beacon and every API call will have a fully backed stack without needing to modify or recompile them.
Video demo of bypassing Windows Defender App Control with Loki C2! Blog with details coming in 1-2 weeks. Yes -- @d_tranman and I created an entire C2 in JavaScript and it bypasses all the things 🥷🧙‍♂️🪄
We're excited to announce the upcoming launch of our new course: Offensive Phishing Operations. More Info: maldevacademy.com/phishing-course Syllabus: maldevacademy.com/phishing-cours… Launch date: March 2025
In the new version windbg opens a suggestions box when you type "!" with all the optional extensions