Bypass Defender AV static detection: If you name a malicious file DumpStack.log Defender doesn't scan it.

In order to limit the RAM used by Burp Suite, simply add "-Xmx512m" or "-Xmx4G" to ~/BurpSuitePro/user.vmoptions

The new version of the CrowdSec NGINX bouncer is out! It comes with stream mode support, reCAPTCHA v2, and more. Read our latest blog post for the full list of new features and how-to install tutorial 👇👇👇 crowdsec.net/blog/nginx-bou…

Awesome Electron.js hacking & pentesting resources: This list aims to cover Electron.js security related topics. Feel free to contribute by opening a PR if you think something is missing to this list! github.com/doyensec/aweso… #infosec #bugbounty #opensource #cybersecurity #AI

Ecrire un module kernel sous Linux (3) : rancune.org/code/c/imil/20…

Si vous avez encore des doutes sur les différences qu’il existe entre un test d’intrusion et un exercice red team, je vous invite à prendre 5 minutes pour éclaircir la chose en lisant cet article: hackila.com/blog/pentest-v… #redteam #pentest

🇫🇷🎙️ Nouvel épisode du podcast hack'n speak accompagné de TouF créateur de l'outil DonPAPI qui permet de récupérer les secrets protégés par la DPAPI sous Windows ; très utile en pentest interne 🔥 Bonne écoute à toutes et à tous 🎶 anchor.fm/hacknspeak

Master English Accent for Frogs - où comment présenter en *anglais* et être compris (par des anglophones), à l’usage des speakers français de conférences de sécurité informatique/hacking… cryptax.medium.com/english-accent…

I wrote an IDA plugin that queries #ChatGPT and explains decompiled functions. It's still very bleeding edge, but you can find the code here and try it out: github.com/JusticeRage/Ge… (Yes, the video was performed on a very basic case for simplicity's sake.)

I am excited to announce a new project, Hacker AI, an AI-powered tool that detects vulnerabilities in source code. Check it out at hacker-ai.online. Feedback is greatly appreciated.

Bloodhound python from Dirk-jan is now integrated to CrackMapExec as a core feature 🔥 ▶️ cme ldap <ip_dc> -u user -p pass --bloodhound Enjoy this one, more juicy features to come soon 💪 Pushed on Porchetta Industries thanks to the sponsors as always 🪂

APKHunt is a comprehensive static code analysis tool for #Android apps that is based on the OWASP MASVS framework. it can be used by anyone to identify and address potential #security #vulnerabilities in their code. github.com/Cyber-Buddy/AP…

POC for CVE-2022-39952 affecting Fortinet FortiNAC Why it's so easy... :/ github.com/horizon3ai/CVE…

We published a joint advisory about a People’s Republic of China (PRC) state-sponsored cyber actor who is living off the land using built-in network administration tools to evade detection while compromising networks and conducting malicious activity: go.dhs.gov/48u

Version v1.0.0 of NetExec is finally here! With a WORKING WINDOWS BINARY 🥳 We wanted to have this release be as stable as possible, so we hope there aren't many bugs! github.com/Pennyw0rth/Net…

We introduce our Turul project that discusses what it can do: turul.atlan.digital We are working everyday on this, using it in live engagements, and have a pretty far reaching vision for what it could be.

Turns out, sometimes it isn't DNS... it's DHCP 👀 See Ori David's research on how DHCP can be used to spoof DNS records- potentially leading to Active Directory compromise. Worst part? No credentials needed, just network access. Full write-up: akamai.com/blog/security-…

🎅 Ho, ho, ho! Santa's got a surprise for you #Linux is coming to ANYRUN! 🎁 Get ready to execute #malware, interact with uploaded files, and gather IOCs on #Ubuntu 22.04.2 🚀 Stay tuned for the official launch soon. For now, check out Linux task samples: ➡️