optional
@optionalctf
The proud owner of two brain cells. HTB with @barctf | OSCP, CRT, CRTL
قد يعجبك
Introducing C2structor, a deployment tool to automate red team infrastructure within AWS. Utilising Terraform and Ansible to allow for seamless customisation to each individual's use-case. Currently supports C2 deployment, redirectors and phishing inf. github.com/optionalCTF/C2…
Labour's 1984 shit show is already showing cracks and backfiring. Can't wait to see the shit show Digital ID gets compromised because they rushed to implement something no one wants...
Discord has begun sending e-mails notifications about a cybersecurity incident which occurred September 20th, 2025. It appears people who submitted support tickets are the ones primarily impacted. Literally peoples entire identity stolen from this shit
It gets better ;) I totally forgot about this little persistence method, lol
Hahaha, wow... 😮 If you leave App passwords enabled and enforce MFA through per-user MFA, the MFA enrollment wizard actually makes the user to create an app password 🤯
AWS quietly updated T&Cs to ban “Fireprox”style use of API Gateway closing a handy pentest trick. @ZephrFish and @turvsec already rolled alternatives such as Omniprox and Flareprox. Banning tools only hampers legit testers, attackers will proxy anyway.
This release is probably going to be one of our biggest and most impactful! Kudos to the team @peterwintrsmith @modexpblog @s4ntiago_p @GigelV41464 @saab_sec 🙌
PDQ SmartDeploy versions prior to 3.0.2046 used static, hardcoded encryption keys for cred storage. Low-privileged users could potentially access admin creds from registry or deployment files. @unsigned_sh0rt unpacks his testing in his latest blog post. ghst.ly/4mjyuvw
Developing a scriptable (pwndbg-like) debugger for windows. Few more things we need to iron out but will be releasing soon 🐸
Here’s my slides from today’s “Regex For Hackers” talk at DEFCON with @NahamSec, bookmark this for some exciting news in the near future docs.google.com/presentation/d…
Had an awesome time at #DefCon 33. Lots of new discoveries, first time speaking at the #redteamvillage along with @zer0phat and met lots of cool people. Looking forward to the next one!
💻 ModuleOverride – Changing a Tyre Whilst Driving – @zer0phat & @kreepsec teach process injection using existing memory sections to run malicious shellcode. Hands-on demos and detection strategy discussions at @redteamvillage_ during @defcon 33! ⚡
Happy Friday! We're ending the week by publishing our analysis of Fortinet's FortiWeb CVE-2025-25257.... labs.watchtowr.com/pre-auth-sql-i…
PSA to anyone struggling, don't be told that "you're just worried", "you're just feeling sad", "you're overthinking things"... depression, anxiety, OCD, ADHD, Autism are killers. Talk, and advocate for yourself!
Finally landed on an OCD diagnosis yesterday, the fucking relief is unreal. Not like it's a shock, but it's been a loooooong time to get to this point. Look after your mental health h4xx0rz! youtube.com/watch?v=NDBRjB…
youtube.com
YouTube
Sick In The Head
Nothing like scratching the bug bounty itch with several crits to end the night. Now to rest ready for Steelcon
Today MSRC fixed two vulnerabilities I reported a couple months ago. EoP in Windows Update service (affects only windows 11/10 with at least 2 drives) msrc.microsoft.com/update-guide/v… EoP in Microsoft PC Manager msrc.microsoft.com/update-guide/v… PoC for CVE-2025-48799: github.com/Wh04m1001/CVE-…
I'm teaching an intro to cloud security workshop on July 11th. This is a pay what you can course so you can take it for free. I'll also be teaching the full version of my Breaching the Cloud course at @WWHackinFest in October. Registration links below: Workshop:…
if you're looking for a @Pocket replacement, I built Obsidian Web Clipper — it's open source and works with any app that supports Markdown (not just Obsidian)
ZPS has a new site with some pretty cool changes to pricing, labs, and exams. Read more here: zeropointsecurity.co.uk/blog/new-site-…
HELLO NAHAMCON 2025 CTF IS MAY 23 TO MAY 25 BEN ASKED ME TO HELP PROMOTE AND I FORRGOOTTT PLEASE REGISTER AND PLAY OUR GAME jh.live/nahamcon-ctf I WILL CONTINUE TO SPAM UNTIL SHOWTIME AND DURING EVENT SORRY BUT IT WILL BE FUN I PINKY PROMISE
United States الاتجاهات
- 1. Elander 1,669 posts
- 2. Tony Vitello 8,482 posts
- 3. $NOICE N/A
- 4. Danny White 1,595 posts
- 5. #Married2Med N/A
- 6. #LoveIsBlindS9 2,683 posts
- 7. San Francisco Giants 3,571 posts
- 8. SNAP 654K posts
- 9. Jay Johnson N/A
- 10. Surviving Mormonism N/A
- 11. East Wing 133K posts
- 12. Buster Posey N/A
- 13. #13YearsOfRed 1,059 posts
- 14. Brahim 4,360 posts
- 15. #SFGiants N/A
- 16. FIDE 5,444 posts
- 17. NextNRG Inc $NXXT N/A
- 18. Daniel Suarez N/A
- 19. #LaCasaDeAlofoke2 22.6K posts
- 20. Chiesa 7,375 posts
قد يعجبك
-
Brett Buerhaus
@bbuerhaus -
HackerSploit
@HackerSploit -
Pentester Land
@PentesterLand -
Rana Khalil 🇵🇸
@rana__khalil -
Nicolas Grégoire
@Agarri_FR -
Tib3rius
@0xTib3rius -
André Baptista
@0xacb -
Michael Skelton
@codingo_ -
Somdev Sangwan
@s0md3v -
STÖK ✌️
@stokfredrik -
Suraj
@PwnFunction -
Patrik Fehrenbach
@ITSecurityguard -
MorningStar
@0xMstar -
spaceraccoon | Eugene Lim
@spaceraccoonsec -
PinkDraconian
@PinkDraconian
Something went wrong.
Something went wrong.