Ok this is fascinating... I have looked at psexec as a lateral movement tool for years and never noticed this until today. On the receiving end (victim) of a psexec lateral, a file gets quickly created and then deleted, its name containing the HOSTNAME of the attacking system.

Ok, time to share the CrowdStrike memes over been hoarding throughout the day 🤣 🧵

I'm live on Twitch, come hang out! twitch.tv/apis_carnica?s…

WHAT THE ACTUAL F.......................

🚨Alert🚨CVE-2024-39907 (CVSS 9.8): SQLi Flaw Exposes 1Panel Users to Remote Takeover 🔥PoC: github.com/1Panel-dev/1Pa… 📊26.3K+ Services are found on hunter.how 🔗Hunter Link: hunter.how/list?searchVal… 👇Search Query Hunter:/product.name="1Panel" FOFA: app="1Panel-Panel"

Found AWS credentials in a .git folder and /.aws/credentials file, but got only $300 since it was a test subdomain. Tip: Add /.aws/credentials and /.aws/config to your wordlist. #bugbountytips #BugBounty #vulnerability

[Research] 1day1document : CVE-2023-21608 오늘의 하루한줄...은 아니고 대략 문서 정도는 되는 분량의 무언가는 Adobe Acrobat에서 발생한 Use After Free 취약점인 CVE-2023-21608입니다. 취약점과 패치 분석, 익스플로잇까지 알차게 담았으니 재밌게 읽어주세요! hackyboiz.github.io/2024/08/04/pwn…

Here you go guys! I hope you're having fun with the challenge!

𝙑𝙖𝙣𝙙𝙖𝙡 dragons/acc 🐉@ Out and about Yaxis Dark Apis Carnica Alon BabyDragon+BabyDaddy It was great working on this with y'all. I had a blast... and only mild trauma. Big shoutout to Sonicos for making this happen and putting up with us! Go team "Going QRazy"!

A friend of mine got booted out of the Hilton Hotel at DEF CON after room searches and here is his story and what they were looking for: So during Def Con 32, the Hilton Hotel did raids on the rooms of people it thought were hackers. Here is a post of someone's experience and

Tip:- How to get from 10k subdomains -> 350K... 1-Subdomainer 2-chaos 3-assetfinder 4-frogy Explanation in comments ↓ #bugbountytips #bugbountytip #bugbounty #hackerone #bugcrowd #h1

DNS can be used as a filesystem. Yes, you heard that right. DNSFS is a project to store files in other peoples DNS resolver caches. Sure, your files will only last a few days (at best). Even after adding TXT records across entire world, you're only going to have about 250MB

Blind XSS in Bitmex Tip : Use Polyglot Payloads also #bugbountytips

As promised, here are the slides I gave with 𝙑𝙖𝙣𝙙𝙖𝙡 and Dark at the dc205 meetup. Shoutout to our other team members: dragons/acc 🐉@ Out and about,Yaxis,Apis Carnica,AlonTheSlay How we won the @DEFCON Black Badge Raffle TCG: A thread #bbrtcg defcon raffle

the energy i bring to the team