Un exploit que hice para Impact hace como un mes, fuimos los primeros en sacarlo, aqui la investigacion y el POC. coresecurity.com/core-labs/arti… github.com/fortra/CVE-202…

🎉 Fibratus 2.2.1 is out! This is a maintenance release with a bunch of small enhancements and bug fixes. Chnagelog: github.com/rabbitstack/fi… Kudos to Iterat0r for catching and reporting the 🐛

This is true if you focus your tests on known threat actors from Rusia, China, Iran, etc. Unfortunately we've seen highly motivated fraud actors capable of performing on-site attacks in branch offices, I don't know maybe this does not happen in London...

the future is written in C and C++ so go build with it, anon

¡SORTEO de 3 dominios .COM o .DEV + Plan Mail! Para participar: ① Sigue a DonDominio ② Dale RT a este tuit ③ Comenta para qué usarías el dominio ✓ Participación abierta a todo el mundo ✓ El sábado anunciamos los ganadores

🛑 GIVEAWAY ALERT 🛑 ⬇️ Today is day FOUR of FIVE days of Arcanum Information Security and friends Black Friday and Cyber Monday giveaways! Today we are giving away FIVE seats to our training: "Red Blue Purple AI" RBPAI is a cutting edge course on how to USE AI to scale

Fibratus 2.3.0 is out! 🪲𝗥𝗲𝘃𝗮𝗺𝗽𝗲𝗱 𝗬𝗔𝗥𝗔 𝗺𝗲𝗺𝗼𝗿𝘆 𝘀𝗰𝗮𝗻𝗻𝗲𝗿 🪵𝗘𝘃𝗲𝗻𝘁𝗹𝗼𝗴 𝗮𝗹𝗲𝗿𝘁 𝘀𝗲𝗻𝗱𝗲𝗿 🕵 𝟭𝟬 𝗻𝗲𝘄 𝗱𝗲𝘁𝗲𝗰𝘁𝗶𝗼𝗻 𝗿𝘂𝗹𝗲𝘀 🪪 𝗠𝗦𝗜 𝗰𝗼𝗱𝗲 𝘀𝗶𝗴𝗻𝗶𝗻𝗴 🛡️ 𝗥𝘂𝗹𝗲 𝗹𝗮𝗻𝗴𝘂𝗮𝗴𝗲 𝗳𝗶𝗲𝗹𝗱𝘀 github.com/rabbitstack/fi…

ICYMI, Raffi is somewhat back from his sabbatical and is posting again. He is not pulling any punches. aff-wg.org

Fighting to get a working OneDrive.exe process through NtCreateUserProcess (ordinal not found). The reason why it didn't work was posted 3 years ago🫠

Ahí si que se acaba de gueler hasta las reservas de bienestarina y Maizena del país...

Legba v1.1.0 is out! 🥳This is a major release that required a significant amount of (human) effort, bringing several key improvements that deserve individual attention. 🧵👇

Please spot the difference between Managed EDR and EDR according to the picture below. Good luck! Huntress

Evading stack trace with Cobalt Strike sleep mask + tail calls + ThreadPoolWork. Inspired by previous work about TpAlloc by Chetan Nayak (Brute Ratel C4 Author)

I've exploited npp for dll side loading in the past just by putting it in a writable folder, it also works by creating a malicious npp plugin. It even works with any portable app but I never saw it as a vuln since a legal install usually drops the files in a non-writable folder

Change my mind 😎