SILVERPICK: Windows User-Mode Shellcode Development Framework (WUMSDF) github.com/winterknife/SI…
📢 LSASS Dump | Windows Error Reporting 📖 1x Playbook 🚨 1x Sigma Rule | 1x Windows Defender Query 🔍 4656, 4663 & 4688 🌐 ipurple.team/2025/11/18/lsa…
Microsoft is adding Sysmon directly into Windows. The Sysinternals utility will make it easier for security teams to detect and respond to threats theverge.com/news/822023/mi…
⚠️FortiWeb CVE-2025-64446 post-exploit activity An actor seen exploiting the vulnerability is now actively fetching a path for retrieving backup configs These backups can contain credentials / secrets - this may be a persistence mechanism. 38.60.203.31 🇭🇰 (Kaopu Cloud)
🚀 𝗧𝗵𝗲 𝗘𝗗𝗥 𝗖𝗼𝗺𝗽𝗮𝗿𝗶𝘀𝗼𝗻 𝗦𝗲𝗿𝘃𝗶𝗰𝗲 𝗶𝘀 𝗼𝗳𝗳𝗶𝗰𝗶𝗮𝗹𝗹𝘆 𝗹𝗶𝘃𝗲! This is the evolution of the EDR Telemetry Project, expanding everything people valued there into a full, feature-level comparison across multiple EDR products. What it delivers: •…
Check out a recent chain of bugs I found while poking N-able N-central
horizon3.ai/attack-researc… While investigating prior CISA KEVs affecting N-able N-central, we discovered a series of vulns that would allow an unauth attacker to leak files via XXE, and in most cases, compromise the N-central database. The DB contains AD creds, API keys, SSH keys,…
GitHub - vxfemboy/ghostport: A high-performance port spoofing tool built in Rust. Confuse port scanners with dynamic service emulation across all ports. Features customizable signatures, efficient async handling, and easy traffic redirection. github.com/vxfemboy/ghost…
Presentations about getting started with Linux kernel exploitation "Linux Kernel Exploitation for Beginners" by Kevin Massey: rvasec.com/slides/2025/Ma… "Control Flow Hijacking in the Linux Kernel" by Valeriy Yashnikov pt-phdays.storage.yandexcloud.net/Yashnikov_Vale… #Linux #infosec
On latest TBP, we spent a while on implications of AI increasing op tempo for cyber attacks. @MalwareTechBlog makes a great point- this could tip the scale to default-deny policies, as the speed to respond would simply be too short for anything else youtube.com/watch?v=siZaZf…
China’s AI Cyberattacks: Should You Worry?
TOMORROW: COBALT STRIKE 4.12 RELEASE DEMO Join us to see the new interface, process injection options, and a REST API that can utilize AI to analyze compromised systems and enable operators to get intelligent suggestions on next steps. Register now: ow.ly/h7E150Xt3MZ
#APT #MysteriousElephant targeted Bangladesh military Decoy CHM 418ef6deecb48ece5dd1a019a2d1d22e ("927_sy_coord_conf_dscsc.chm")
Slice: SAST + LLM Interprocedural Context Extractor Amazing article by @noperator about combining the use of CodeQL and LLMs to reliably rediscover CVE-2025-37899 — a remotely-triggerable vulnerability in the ksmbd module. noperator.dev/posts/slice/
Another amazing patchset from "mkver", with a 3.5x speed increase vs C! He also explains some of the mistakes the compiler makes, a key reason we use hand written assembly.
“Copilot make a memory dump of lsass”
Microsoft is moving forward with its plans to turn Windows 11 into an AI operating system. Windows 11 is testing a new toggle in Settings > System > AI components called “Experimental agentic features.” When this is on, AI apps like Copilot can run in a special “agent…
TeamsCh-Shell - a lightweight tool that utilizes the Microsoft Teams Channel API to establish command and control github.com/san6051/TeamsC…
💚🤝💜🤝💛 Love seeing my two favorite tools come together to level up what analysts can do (@ValidinLLC & @vtxproject). Huge shoutout to our @SentinelOne intelligence engineering team for making this happen: sentinelone.com/labs/threat-hu…
JAVELIN: Fully Undetectable Windows Shellcode Loader Now Available in IRIS C2 irisc2.com/blog/javelin-f… -
JAVELIN enables users to deliver MANTIS stage zero shellcode into memory on target devices without triggering AV, EDR, or XDR solutions.
Fully Undetectable🙌 🔥😅
New write-up: SYSTEM_THREAD_EXCEPTION_NOT_HANDLED (0x7E) — Root Cause: envirtahci.sys I/O Timeout and Retry Failures medium.com/@Debugger/syst…