Yearly blog post just dropped: Control Flow Hijacking via Data Pointers 🐸 Showcasing how to find your own in Binary Ninja, how to weaponize and write a shellcode stub etc. Hopefully people find it useful :) legacyy.xyz/defenseevasion…

What if you skipped VirtualAlloc, skipped WriteProcessMemory and still got code execution? We explored process injection using nothing but thread context. Full write-up + PoCs: blog.fndsec.net/2025/05/16/the…

This was rad as hell. Thank you so much #BsidesTampa

🚀 We just released my research on BadSuccessor - a new unpatched Active Directory privilege escalation vulnerability It allows compromising any user in AD, it works with the default config, and.. Microsoft currently won't fix it 🤷‍♂️ Read Here - akamai.com/blog/security-…

Rumour has it that Jonas Lykkegaard's self-delete technique doesn't work on Windows 11 anymore. Well, the original proof of concept (PoC) does not, but slight modifications bring this technique back to Win11!😎 With #RustPack, you can easily generate self-deleting executables or

Okta chained with Azure with auto MFA subscription for Okta and frame-buster bypass to perform Bitb ! Evilginx is really nice to setup custom phishing campaign whatever the environment is... Phishlet available here : github.com/OtterHacker/Ok…

👀 We have also released a paper which really goes into the nitty-gritty for those who are interested 🕵️‍♀️: redteam-pentesting.de/publications/2… For those that only need a short overview, here's our advisory 🚨: redteam-pentesting.de/advisories/rt-…

Technical analysis of CVE-2025-31201 blog.epsilon-sec.com/cve-2025-31201…

Learning Active Directory Certificate Service hacking-- with @Shikata! Starting with ESC8 using unauthenticated PetitPotam & Responder, we relay hashes to CA to get a certificate as the domain controller. This is the first video in an ADCS mini-series 😜 youtu.be/tYxJMr8jAgo

null pointer was the culprit that took down google 😭

I like to bypass XSS filters and sanitizers, so I keep forgetting to test for CSS exfiltration when I have HTML injection. This reminded me of the sic tool by d0nut 🦀 from a Singapore LHE, but there's also a cool list from PortSwigger 👇 github.com/PortSwigger/cs…

I'm starting another series - Buffer Overflows in the Modern Era. I'll go over the basics of using a debugger all the way to successfully achieving a buffer overflow exploit on Windows 11 24H2, using ROP gadgets and bypassing ASLR, etc. Here's part 1! g3tsyst3m.github.io/binary%20explo…

DLL injection fundamental Part 1 systemweakness.com/dll-injection-… Part 2 systemweakness.com/dll-injection-… Part 3 systemweakness.com/dll-injection-…

BREAKING: MIT just completed the first brain scan study of ChatGPT users & the results are terrifying. Turns out, AI isn't making us more productive. It's making us cognitively bankrupt. Here's what 4 months of data revealed: (hint: we've been measuring productivity all wrong)

We've uploaded our beginner .NET malware analysis stream where we analyzed DCRat with dnSpy. Enjoy!

TIL localhost can have subdomains

oh no 🟥 CVE-2025-32463, CVSS: 9.3 (#Critical) #Sudo version 1.9.14 to 1.9.17 #Vulnerability allows local users to gain root access via the --chroot option due to improper handling of /etc/nsswitch.conf. #CyberSecurity #CVE #PrivilegeEscalation openwall.com/lists/oss-secu…

An excellent, in-depth malware analysis article. Refreshing depth and clarity from Tony/Humpty c-b.io/2025-06-29+-+S… Demonstrably understands Yara's strengths and weaknesses. Take note Florian Roth ⚡️.

Ben Lieberman We have a chat service that works over DNS so you can LLM on a flight without paying " dig ch..at "what is golang" TXT +short"

A hacker clicked a Google ad. They thought they were grabbing a tool to help their ops. Instead, they installed Huntress on their own machine. 👀 And just like that—we got a front-row seat.