bruh

@cppbruh

OSCP, OSCE, OSEE

bruh reposted

When static analysis hits a wall, dynamic tracing with Frida’s Stalker API reveals what’s really happening at runtime. Learn to trace ARM instructions, filter for ldr/str, and see how obfuscated apps manipulate data: 🔗 8ksec.io/advanced-frida… #ReverseEngineering #AndroidSecurity


bruh reposted

#kernelctf #CVE-2025-* exploits + documentation for each vuln are available: github.com/google/securit…


bruh reposted

🛠️ RealBlindingEDR Kernel-level AV/EDR removal for red teams. Advanced evasion methods in one toolkit. Try: github.com/myzxcg/RealBli…

bruh reposted

In this post, I cover the DCOM objects in dcomexec.py, how to fix some issues, and how to bypass Defender for MMC20. I plan to publish part two soon, focusing on new DCOM objects I discovered some time ago that can be used for lateral movement: sud0ru.ghost.io/yet-another-dc…


bruh reposted

LD_PRELOAD TLS cert bypass for embedded security research (tutorial) f0rw4rd.github.io/posts/tls-nove… Credits @f0rw4rd_at #infosec

bruh reposted

Finally migrated Sanctum EDR's methodology of DLL injection to using APCs and a shellcode bootstrap for LdrLoadDll. Huge thanks to @eversinc33 who helped me out with the shellcode stub & methodology 👑 You can find the injection module here if curious: github.com/0xflux/Sanctum…


bruh reposted

A student booted the empty SARIOT lab, followed our method, ran selective fuzzing — and found a real vulnerability on the spot. Now he’s chasing the ROP chain. Hands-on labs = game changer. 🎯🔎 fuzzsociety.org/fuzzsociety-co… #youaretheexploit #fuzzing #VulnResearch

bruh reposted

IDA tips for reversing U-Boot errno.fr/IDA_tips_for_r…


bruh reposted

OPSEC: Read the Code Before It Burns Your Op - BlackSnufkin (@BlackSnufkin42) blacksnufkin.github.io/posts/opsec-of…


bruh reposted

Hiding In PlainSight - Proxying DLL Loads To Hide From ETWTI Stack Tracing 0xdarkvortex.dev/proxying-dll-l… My Rust version PoC : github.com/Whitecat18/Rus…

bruh reposted

#exploit #Kernel_Security Ksmbd Vulnerability Research Part 1 - CVE-2024-50283, CVE-2024-50285, CVE-2024-50286 - blog.doyensec.com/2025/01/07/ksm… Part 2 - Fuzzing Improvements and Vulnerability Discovery - blog.doyensec.com/2025/09/02/ksm… Part 3 - Exploiting CVE-2025-37947 -…


bruh reposted

You need to analyse a compiled (.jar) Java application? Always decompile the code with JD-GUI to see how it works internally. And if you have client-side authentication only, for example, use ReCaf to easily modify the source and recompile in a short amount of time! 😎

bruh reposted

Understanding Null Pointer Dereference in Windows Kernel Drivers whiteknightlabs.com/2025/06/24/und…

bruh reposted

Watcher from @vulnlab_eu released on @hackthebox_eu last week. It's a web-centric box with Zabbix exploitation, and then changing the source code to capture logins. I'll escalate through TeamCity. 0xdf.gitlab.io/2025/10/09/htb…


bruh reposted

Exploiting Asus driver to escalate privileges. With a few clever tactics Marcin Noga managed to bypass several constraints implemented by the driver devs. With hardlinks and ObfDereferenceObject() one can decrement PreviousMode of a process to enter god mode (this was patched in…

bruh reposted

Unit 42 uncovers the IUAM ClickFix Generator, a phishing kit that generates custom pages with OS detection and clipboard injection capabilities. Unit 42 confirms at least one campaign where DeerStealer was delivered. unit42.paloaltonetworks.com/clickfix-gener…

bruh reposted

LLM Poisoning [1/3]: Local LLMs are vulnerable to supply chain attacks. Inject a trigger-activated Trojan in a LLM. First step, build a probe to read a transformer's pre-down MLP activations to detect your chosen trojan trigger. 🔗 Full article synacktiv.com/publications/l…


bruh reposted

Morphing shellcode during execution. Once a part of code is done executing, overwrite the block with new code to run. A proof of concept by Debjeet Banerjee (@whokilleddb) Src: github.com/whokilleddb/lo… #redteam #maldev #malwaredevelopment
