If Francis KOs fury I’ll cashapp anyone who retweets this!👀💰#FuryvsNgannou

NetSPI Scott Sutherland heck yeah!

I’m building incredibly in-depth course work for Command and Control operations as well as detection engineering. This is NOT entry level. Live instruction + lifetime access to materials. Until it launches, once a week I will give away access to someone who retweets and follows

Decided I'd like to make a career swap toward the defensive side: e.g. Detection Engineering, Threat Research etc. Happy to provide more information via DM 🙏 (also any retweets would be greatly appreciated)

We're excited to announce the upcoming launch of our new course: Offensive Phishing Operations. More Info: maldevacademy.com/phishing-course Syllabus: maldevacademy.com/phishing-cours… Launch date: March 2025

A little while ago I tweeted about a potential BOF-PE design. So here it is, a new design that includes a fully linked PE, C++ exceptions and use of the STL template library.

I spoke about the initial credential guard vulnerability at #SOCON2025, but I left out the part where the fix could be bypassed. Both bypasses have now been fixed which I cover in my blog post along with some juicy technical details. Enjoy.

My #SOCON2025 talk is now live for those interested in credential guard research. youtu.be/9U_7u849yQQ?fe…

We have already received some incredible submissions for the 4th edition of BSides Tirana . From hacking Machine Learning models to deep dives into Vehicle Security. The lineup is shaping up to be our best yet! Think you’ve got a talk that belongs on that stage? We’d love to

well i have something unfortunate to share last night they gave my bounty an important rating, but marked it out of scope some how all of this is just wildly dishonest. For one its not just information disclosure. I included and addendum that showed how to leak bearer tokens and

NetSPI's Sam. Beaumont and Larry Trowell developed RayV Lite—a low-cost laser fault injection tool that makes advanced hardware security testing accessible beyond nation-states using open-source hardware & inexpensive IR-leaking lasers. ➡️ ow.ly/Nqtm50W4fjT

2025 Red Team Tools – C2 Frameworks, Active Directory & Network Exploitation bishopfox.com/blog/2025-red-…

Oh you thought surprises were over for BSides Tirana 2025 ? This year, we’re bringing Sina Kheirkhah - Pwn2Own "Master of Pwn" (SinSinology) to run a full-day workshop on Advanced .NET Exploitation based on his course that normally goes for €4,000. He’s been kind enough to

UAC bypass can be achieved by eg moving the legit perfmon.exe and an evil atl.dll to "c:\windows \system32". Windows is tricked into thinking it's a safe/trusted directory, meaning perfmon will launch with high integrity and also loads your DLL. Several other EXEs are vulnerable!