We've updated the vx-underground bulk malware download collection. - Virusshare.00470 - Virusshare.00471 - 60,000+ unique malware samples - Named using Kaspersky naming convention Check it out here: samples.vx-underground.org/samples/Blocks/

WinDiff - Browse and compare exports, debug symbols and debug types of PEs between Windows versions. WinDiff is a streamlined revamp of ntdiff, wired directly to Winbindex to fetch Windows updates and PEs automatically. App: windiff.vercel.app Repo: github.com/ergrelet/windi…

Escalate Service Account To LocalSystem via Kerberos. To accomplish the goal, I leveraged three techniques: RBCD, Shadow Credentials, and Tgtdeleg. I built my project based on the Rubeus toolset. github.com/wh0amitz/S4UTo… #infosec #redteam #PenTest #cybersecurity #pentesting

Modding Your Switch Can Land You In Prison🎙Darknet Diaries Ep. 136: Team Xecuter youtube.com/watch?v=E0ihjL…

Development is in progress.

Learn as much as you can when you're young. The older you get the harder it is to learn things. Even if you take basic lessons in something, it'll go a long way when you want to learn it later in life.

Understanding Page Spray in Linux Kernel Exploitation arxiv.org/pdf/2406.02624 #infosec #Linux

🔥 SQL Injection Day! 🔥 💻 Found 7+ SQLi vulnerabilities in VDP programs 🚨 SQLi is still alive 🌐 Bug hunting life never sleeps. 🕵️‍♂️💥 #BugBounty #bugbountytips #bugbountytip #CyberSecurity #hackers #hackerone #HackerNews #infosecurity #Hacking

HellsHall - checks whether the syscall address is hooked and tries to retrieve the syscall number by checking the presence of specific bytes github.com/Maldev-Academy…

Performing AD LDAP Queries Like a Ninja cravaterouge.com/articles/ldapa…

Protect Loader - a shellcode loader written in golang designed to provide various security and evasion techniques for Go applications. Includes features such as shellcode loading, obfuscation & the use of indirect syscalls github.com/furax124/Prote…

Lets play hide the proc >/

⚡ Pentesting And Bug Hunting Checklist #bugbounty

Final giveaway of the year🎁: 4️⃣Hand-On Web Exploitation (Course Only hhub.io/2024holidays) 3️⃣Shodan Codes 2️⃣Caido licenses 1️⃣Hands-On Web Exploitation (Certificate+Course Bundle) To enter drop a 🫶🏼and RT

Check it out! A tool to abuse file upload functionality on web apps.

Bypass Cloudflare WAF (DOM-based XSS) ♻️ Payload: '-alert?.(1)-' writeup: 1337.or.id/post/stored-do… #infosec #cybersec #bugbountytips

I wrote a PoC for the recent Ivanti Connect Secure stack buffer overflow, CVE-2025-0282, based on the exploitation strategy watchTowr published, along with an assessment of exploitability given the lack of a suitable info leak to break ASLR: attackerkb.com/assessments/2c…

Seems that new windows update bring some changes in NTFS as its no longer possible to delete folders with ::$INDEX_ALLOCATION allocation trick with DeleteFile api.

We got in the ManusAI beta, what should we try first? #manusai @ManusAI_HQ

🚨Vancouver Police confirm that the suspect who drove his SUV into a crowd at the Vancouver Lapu Lapu festival is well known to police: "The person we have in custody does have a significant history of interaction with police and healthcare professionals related to mental