New Post: SetupHijack – Installer and Updater Race Condition Proof of Concept for Local Escalation SetupHijack is a Windows research tool that races installer & updater drop locations to substitute attacker payloads darknet.org.uk/2025/09/setuph… #windowsupdate #hackingwindowsupdate

New Post: AIPentestKit – AI-Augmented Red Team Toolkit for Recon, Fuzzing & Payload Generation AIPentestKit bundles AI helpers for red teams: Burp plugins, payload and wordlist generators, webshell bypass tools darknet.org.uk/2025/09/aipent… #llmpentesting #redteam #aihacking #cyber

New Post: RustRedOps – Rust Native Offensive Toolkit Collection for Red Teams RustRedOps is a collection of Rust-based offensive security modules for post-exploitation, process injection & payload staging. darknet.org.uk/2025/10/rustre… #rust #rustsecurity #cybersecurity #redteam

New Post: IAMhounddog – Practical AWS IAM Relationship Mapping for Red Teams IAMhounddog maps AWS IAM relationships to reveal privilege escalation chains. darknet.org.uk/2025/10/iamhou… #awshacking #cloudsecurity #awsiam #cloudhacking #iamsecurity #redteam

New Post: LLM Black Markets in 2025 – Prompt Injection, Jailbreak Sales & Model Leaks Explore how LLM black markets in 2025 trade prompt jailbreaks, model leaks & exploit tools darknet.org.uk/2025/10/llm-bl… #llmsecurity #genaisecurity #aihacking #llmblackmarket #darkweb #darknet

New: CloudConqueror – AWS CloudControl API Attack Surface Mapping and Persistence Tool CloudConqueror maps and abuses the AWS CloudControl API for discovery, resource enumeration, and persistence darknet.org.uk/2025/10/cloudc… #cloudsecurity #cloudhacking #awsecurity #cloudcontrol

New Post: Autoswagger – Automated discovery and testing of OpenAPI & Swagger endpoints Autoswagger finds and tests OpenAPI/Swagger specs to expose unauthenticated endpoints, PII leaks & secrets darknet.org.uk/2025/10/autosw… #hackingtools #apihacking #apisecurity #endpointsecurity

New Post: Exploit-as-a-Service Resurgence in 2025 – Broker Models, Bundles & Subscription Access Exploit-as-a-Service in 2025: how exploit brokerages, subscription bundles, and underground access models are reshaping cyber crime economics. darknet.org.uk/2025/10/exploi…

New Post: HoneyBee – Misconfigured App Generator for Red Team Validation HoneyBee generates intentionally misconfigured Docker environments and Nuclei templates using LLMs darknet.org.uk/2025/10/honeyb… #appsec #applicationsecurity #infosec #cybersecurity #apphacking #redteam

New Post: XRayC2 – Weaponizing AWS X-Ray for Covert Command and Control (C2) XRayC2 shows how AWS X-Ray can be abused as a covert command and control channel. darknet.org.uk/2025/10/xrayc2… #awshacking #c2 #commandandcontrol #cloudsecurity #awsxray

New: Post-Quantum Cryptography in 2025 – Migration Paths, Early Movers and CISO/RedTeam Impact Post-quantum cryptography in 2025: standards, hybrid migration, and what CISOs and red teams should do darknet.org.uk/2025/10/post-q… #pqc #postquantum #cryptography #cybersecurity #nist

New Post: NetExec – Network Execution Toolkit for Windows and Active Directory NetExec provides multi-protocol network execution for Windows Active Directory environments. darknet.org.uk/2025/10/netexe… #windowsecurity #hackingwindows #activedirectoryhacking #cybersecurity #infosec

New Post: Reaper – Unified Application Security Testing with AI Support Reaper – an open-source AppSec testing framework combining recon, proxying, fuzzing and AI-agent workflows darknet.org.uk/2025/10/reaper… #llmsecurity #genaisecurity #pentesting #redteam #genaihacking #llmhack

New Post: mcp-scanner – Python MCP Scanner for Prompt-Injection and Insecure Agents Python tool to scan Model Context Protocol servers for prompt injection, jailbreaks, and insecure tool patterns darknet.org.uk/2025/10/mcp-sc… #genaisecurity #hackinggenai #mcpsecurity #hackingtools

New Post: gitlab-runner-research – PoC for abusing self-hosted GitLab runners PoC scripts demonstrating abuse of self-hosted GitLab runners and practical hardening and detection guidance. darknet.org.uk/2025/11/gitlab… #gitlab #gitlabsecurity #gitlabrunners #gitlabrunnersecurity

New Post: Red Teaming LLMs 2025 – Offensive Security Meets Generative AI Offensive red teaming of large language models (LLMs) in 2025 actionable tactics, case studies, and CISO controls for GenAI darknet.org.uk/2025/11/red-te… #redteamllm #genaipentesting #cybersecurity #infosec

New Post: Scanners-Box – Open-Source Reconnaissance and Scanning Toolkit Scanners-Box is an open-source reconnaissance and scanning toolkit for red teams and security researchers. Curated collection of scanners and recon utilities darknet.org.uk/2025/11/scanne… #hackingtools #infosec

New Post: Reconnoitre – Open-Source Reconnaissance and Service Enumeration Tool Reconnoitre automates network reconnaissance and service enumeration for penetration testers and red teams using structured, repeatable workflows darknet.org.uk/2025/11/reconn… #pentesting #redteam #oscp

New Post: Initial Access Brokers (IAB) in 2025 – From Dark Web Listings to Supply Chain Ransomware Events Initial access brokers in 2025, how dark web access listings feed ransomware supply chain events like JLR, and what CISOs can do to detect/disrupt darknet.org.uk/2025/11/initia…

New Post: Systemic Ransomware Events in 2025 – How Jaguar Land Rover Showed What a Category 3 Supply Chain Breach Looks Like Systemic ransomware events in 2025, how Jaguar Land Rover’s shutdown exposed Category 3 supply chain risks darknet.org.uk/2025/11/system…