Matt Ehrnschwender (@m_alphaaa)'s Twitter Profile
Matt Ehrnschwender

@m_alphaaa

Security person who likes writing code

ID: 1292908711967690764

http://github.com/MEhrn00
10-08-2020 19:40:41

331 Tweets

779 Followers

184 Following

Dylan Tran (@d_tranman)

Had a lot of fun digging into COM stuff with bohops recently! We ended up finding a way to laterally move without dropping a file. ibm.com/think/news/fil…

Garrett (@unsigned_sh0rt)

Had some fun with PDQ deploy/inventory credential decryption and wrote about it here: unsigned-sh0rt.net/posts/pdq_cred… thanks to dru1d for writing a BOF out of the POC. tl;dr get admin on PDQ box, decrypt privileged creds

Matt Ehrnschwender (@m_alphaaa)

I was wondering why the binary size of a program I was writing was so massive. Turns out, printing is complicated. 85kb of overhead just for std::println over std::cout is insane

Steve S. (@0xtriboulet)

Been thinking about the acceptance of BOFs as the goto development platform for capability development. From their inception, BOFs were intended to behave as a short inline-execution capability that extended the integral functionality of your C2 agent. The “inline-execution” part

Matt Ehrnschwender (@m_alphaaa)

Me: I should write good commit messages so that I can go back and reference what I've done previously
Also me: git commit -am "Changes"

Matt Ehrnschwender (@m_alphaaa)

Apparently string "constants" in MSVC are not actually constants... MSVC decides to put them in a writable data section instead of a read-only one. I guess "const" is just a suggestion for MSVC

Clint Gibler (@clintgibler)

👿 Talk To Your Malware – Integrating AI in an Open-Source C2 Agent
Describe what you want the malware to do in natural language -> dynamically generates Python code to do it. GitHub repo link below 📎

In this post,

kozie (@k0zmer)

single-threaded event driven sleep obfuscation poc for linux utilizing file descriptors, inspired by "pendulum" from Kyle Avery github.com/kozmer/silentp…

Bad Sector Labs (@badsectorlabs)

This week's edition is packed full of great techniques and tools! One of the longest posts we've done; there's so much cool stuff being released. blog.badsectorlabs.com/last-week-in-s…

alden (@birchb0y)

excited bc today Huntress is releasing our analysis of a gnarly intrusion into a web3 company by the DPRK's BlueNoroff!! 🤠 we've observed 8 new pieces of macOS malware from implants to infostealers! and they're actually good (for once)! huntress.com/blog/inside-bl…

nc (@thoughtfault)

love it when people aggregate stealer logs into a big elasticsearch cluster for purposes not including initial access, hopefully the auth doesn't accidentally get turned off! imagine how many articles with misleading titles would be copy+pasted within an hour when sum1 finds it!