Was doing Hack The Box vintage machine and I had to go between impacket-getTGT and nxc alot and thought it would be nice to have this in nxc pipx install git+github.com/W1nterFr3ak/Ne… --force

We have the "ISACA Kenya Chapter Individual Awards" and what better opportunity than to nominate none other than muchilwa for the "Information Security Hero of the Year" Use the link below. docs.google.com/forms/d/e/1FAI… This thread shall contain "Evidence" to support our claims 1/n

xurlfind3r: Give It a Spin! It doesn’t interact directly with its target , minimizing detection risks while uncovering URLs. The URL list you get from a tool like xurlfind3r is more than just a bunch of links, it’s treasure map of your target’s digital exposure.

Very proud to announce that the Windows Subsystem for Linux is now open source! blogs.windows.com/windowsdevelop…

📣 Exciting news for aspiring vulnerability researchers - a selection of our internal VR Development Program training resources are now available on GitHub! Check them out at github.com/interruptlabs/… These ones are on software development: programming in C and Python.

Android In-The-Wild: Unexpectedly Excavating a Kernel Exploit Talk by @__sethjenkins about analyzing the traces of an In-The-Wild exploit that targeted the Qualcomm adsprpc driver. youtube.com/watch?v=lnK1iA…

Props to Octopwn and SkelSec for making the list. bishopfox.com/blog/2025-red-…

New RE Video: youtube.com/watch?v=3imRXE… In this video, I analyze a recent DPRK attributed Mach-O. Not a complicated sample, however does highlight some strange function calling which may interfere with static analysis. Enjoy! :)

iOS 12 WebKit re-jailbreak demo Currently, only the iPhone 5s running iOS 12.5.7 is supported, and there are still many issues that need to be fixed. youtube.com/watch?v=-qxKKK…

Fun fact : iOS 15 could open settings app by Preference URL Scheme within Contacts app using profile website link!

A step-by-step guide to writing an iOS kernel exploit alfiecg.uk/2024/09/24/Ker…

CVE-2025-33070 is an auth bypass in the function NetrServerAuthenticate3 - which is the same function of ZeroLogon. But you need to force the DC into an out-of-memory state first to trigger the bug.

Windows Logon Types #ThreatHunting #DFIR

iOS in QEMU is a thing now - and it's open source (by ChefKissInc)

Here's Reverse Engineering for Everyone! This wonderful little online book teaches you how to reverse engineer, and in the process gives you one of the best Assembly tutorials I've seen. That alone is worth giving this a read, try it out!

gist.github.com/0xilis/2ccd34d… Finally put out a tutorial for creating certificates to sign shortcuts instead of having Apple do it. Thought this was a vuln at first but Apple closed the report after a couple months so I guess it's intended. Old demo also here: github.com/0xilis/SelfSig…

🚨 Interested in Windows kernel exploitation? Our SSTIC 2025 talk on the Shadow Stack implementation in the Windows kernel is now online! 📄 Paper: sstic.org/media/SSTIC202… 📑 Slides: sstic.org/media/SSTIC202…

The "Fuzzing 1001: Introductory white-box fuzzing with AFL++" class by Francesco Pollicino has been finalized, and will be publicly released in 2 weeks (June 30th).

Solo: A Pixel 6 Pro Story (When one bug is all you need) Awesome article by Lin Ze Wei about adapting the Pixel 7/8 exploit for a bug in the Mali GPU driver to Pixel 6 Pro. starlabs.sg/blog/2025/06-s…

Check this out .. cool beginner reverse engineering resource touches on topics I rarely see being covered in most resources: ligerlabs.org