potatoherder
@hackingforbeer
yeah nah, janitor. copy pasting through your network. floppy saves
Exciting news, infosec community! 🎉 The Call for Proposals for x33fcon is officially OPEN! Got a brilliant talk idea, a hands-on workshop, or an in-depth training you're eager to share? We want to hear from you! Conference dates: June 11-12, 2026 Training dates: June 8-10,…
CAIBench: How do we really know how good an agent is at hacking? 🧠💥 Evaluation is a core pillar of agentic AI — especially in cybersecurity agents built for vulnerability hunting, offensive operations, blue-team defense, and purple-teaming. Benchmarks aren’t side projects;…
Venom C2 tool drop! 🐍 During a recent red team engagement we needed a simple python agent that needs no dependencies to setup persistence on some exotic boxes we landed on. Some had EDR so we didn't want anything off-the-shelf. The server, agent, and client were made…
Think NTLM relay is a solved problem? Think again. @elad_shamir breaks down why it remains one of the easiest, and most effective, attack paths in AD environments. Read more from @helpnetsecurity ⤵️ ghst.ly/47Pv7WZ
[Blogpost] @croco_byte presents how to exploit attack paths related to Active Directory sites' ACLs. As the latter often constitute a blind spot for AD enumeration tools, the article also describes a pull request aiming to integrate them into the BloodHound project:…
As a fun side project - I’ve started tracking vendors whose guides ask customers to create ESC1-style certificate templates, leaving an entire environment exposed 😅 medium.com/@Debugger/from…
Callstacks are largely used by the Elastic EDR to detect malicious activity. @SAERXCIT details a technique to evade a callstack-based detection and allow shellcode to load a network module without getting detected. Post: offsec.almond.consulting/evading-elasti… PoC: github.com/AlmondOffSec/L…
If you’re a hacker or infosec pro, you should definitely read the short paper, Reflections on Trusting Trust by Ken Thompson. cs.cmu.edu/~rdriley/487/p…
New Titanis release => github.com/trustedsec/Tit… Mostly Kerberos enhancements: - S4U2self and S4U2proxy - Change/Set password - Generate crypto key on command line ASN.1 saw some major changes to pave the way for some upcoming enhancements
This is already happening and it's exactly as bad as you'd expect. Zerodium pays $2.5M for iOS exploits. NSO Group turned this into a business model. Zero-days get hoarded by nation-states instead of fixed. The data: Researchers from Rand found exploited zero-days have a…
Really great blogpost about bypassing client isolation on wifi networks (WPA till 2 and public) from Ben Knight pulsesecurity.co.nz/articles/bypas…
Today, I am releasing the COM-Fuzzer. Gain insights into COM/DCOM implementations that may be vulnerable using an automated approach and make it easy to visualize the data. github.com/warpnet/COM-Fu…
No, I don't think it's staged. I really recommend reading this paper by RecordedFuture, in summary they believe there are some changes occurring in the Russian Federation and they're less tolerant to cybercrime unless it benefits them recordedfuture.com/research/dark-…
Hundreds of leaked EDR credentials are circulating. Because EDRs have deep device access, this is like handing over your C2. This issue doesn’t stem from vulnerabilities in the EDR products themselves, but rather from end users who inadvertently download and execute malware.
Tools such as PsExec.py from Impacket are usually flagged for lateral movement due to the pre-built service executable that is dropped on the remote system. However, some vendors also flag Impacket based on its behaviour. With RustPack, you can easily create…
We have an AMA from @anyrun_app currently talking malware in /r/redteamsec if you want to join the conversation - reddit.com/r/redteamsec/s…
Raw NTFS parsing for SAM/SYSTEM/NTDS.dit access? github.com/kfallahi/Under… 400 lines Powershell - easy peasy ❤️🔥
if you are in red team and you are worried about future employment, or AI. learn code. learn system internals. make simple malware, use AI assistance. become an engineer. learn how malware operates and why. think how to evade security while accomplishing your objectives in code
Took a bit of time, but it seems I got the MythicC2 HTTPx profile implemented for the Apollo agent. The C# agent now has full malleable profile support🔥 Needs way more testing before any sort of merge, but it's getting there 😃
Interested in an alternative approach to sleep masking for your malware? Check out our latest blog post "Function Peekaboo: Crafting self masking functions using LLVM" by @saab_sec mdsec.co.uk/2025/10/functi…