내가 좋아할 만한 콘텐츠
The slides of our joint research talk “10 Years of Windows Privilege Escalation with Potatoes” at #POC2023 are out! 👉 github.com/antonioCoco/in… cc @decoder_it
Just published a summary of "modern" Windows authentication reflection attacks. Turns out reflection never really died. 😅decoder.cloud/2025/11/24/ref…
Blog post about my recent CVE-2025-58726, aka “The Ghost Reflection” is out, read it here: semperis.com/blog/exploitin… 🙃
Remember the CredMarshalInfo trick? If you hadn’t applied the June 2025 patch, CVE-2025-33073 would have been critical. We know that in NTLM local auth, msg 3 is empty:You can drop sign/seal -> from Domain User to DomainAdmin escalation. 😅
Coercing machine authentication on Windows 11 /2025 using the MS-PRN/PrinterBug DCERPC edition, since named pipes are no longer used. Kerberos fails in this case due to a bad SPN from the spooler, forcing NTLM fallback.
Better socket handle visibility coming soon to @SystemInformer 🔥 When viewing a process handle table, SI will recognize files under \Device\Afd and retrieve information about their state, protocol, addresses, and more. Also works on Bluetooth and Hyper-V sockets 🤩
In my long history of submissions, I think this is the first time one has been marked as critical😅
Another Monday. Another week of… endless emails, annoying meetings, and oh look, a three-headed monkey behind you! Now that we have your attention, we can unveil the agenda for #RomHack2025 romhack.io/romhack-confer… #infosec #securityconference
I just published a blog post where I try to explain and demystify Kerberos relay attacks. I hope it’s a good and comprehensive starting point for anyone looking to learn more about this topic. ➡️decoder.cloud/2025/04/24/fro…
Microsoft has discovered post-compromise exploitation of CVE 2025-29824, a zero-day elevation of privilege vulnerability in Windows Common Log File System (CLFS), against a small number of targets. msft.it/6019qIVV9
NTLM relay is still a major threat and is now even easier to abuse. We just added new NTLM relay edges to BloodHound to help defenders fix and attackers think in graphs. Read my detailed post - the most comprehensive guide on NTLM relay & the new edges: ghst.ly/4lv3E31
We (me + @2igosha) have discovered a new Google Chrome 0-day that is being used in targeted attacks to deliver sophisticated spyware 🔥🔥🔥. It was just fixed as CVE-2025-2783 and we are revealing the first details about it and “Operation ForumTroll” securelist.com/operation-foru…
Check out our new blog post!
🍎🚨🕵️♂️ The notoriously elusive macOS malware, ReaderUpdate, is back — stealthier than ever. @philofishal and @syrion89 uncover how ReaderUpdate Reforged blends Go, Crystal, Nim, and Rust into a potent mix. 📄 This new research from SentinelOne exposes how these new variants are…
new #elastic defend rules out : - PPL bypass via ComDotNetExploit - Execution via Windows-Run (trending delivery method ITW) github.com/elastic/protec…
Hey, we should really switch from NTLM to something like Kerberos, yet another good reason, right? cc @ShitSecure @splinter_code 😂🤣
KrbRelayEx-RPC tool is out! 🎉 Intercepts ISystemActivator requests, extracts Kerberos AP-REQ & dynamic port bindings and relays the AP-REQ to access SMB shares or HTTP ADCS, all fully transparent to the victim ;) github.com/decoder-it/Krb…
United States 트렌드
- 1. FIFA 350K posts
- 2. The WET 117K posts
- 3. FINALLY DID IT 438K posts
- 4. Paraguay 27.7K posts
- 5. Brazil 78.8K posts
- 6. Argentina 227K posts
- 7. Portugal 103K posts
- 8. Croatia 24.7K posts
- 9. Frank Gehry 4,054 posts
- 10. Hep B 15.4K posts
- 11. Morocco 67.5K posts
- 12. Matt Campbell 11.1K posts
- 13. Warner Bros 243K posts
- 14. Iowa State 9,357 posts
- 15. Group L 17.6K posts
- 16. #Mundial2026 40K posts
- 17. #USMNT 1,422 posts
- 18. Ghana 83.5K posts
- 19. Infantino 73.8K posts
- 20. Senegal 51.7K posts
내가 좋아할 만한 콘텐츠
-
x86matthew
@x86matthew -
S3cur3Th1sSh1t
@ShitSecure -
Andrea P
@decoder_it -
mpgn
@mpgn_x64 -
Chetan Nayak (Brute Ratel C4 Author)
@NinjaParanoid -
MDSec
@MDSecLabs -
Matt Hand
@matterpreter -
an0n
@an0n_r0 -
Lee Chagolla-Christensen
@tifkin_ -
klez
@KlezVirus -
Melvin langvik
@Flangvik -
Swissky
@pentest_swissky -
Grzegorz Tworek
@0gtweet -
mgeeky | Mariusz Banach
@mariuszbit -
Adam Chester 🏴☠️
@_xpn_
Something went wrong.
Something went wrong.