Tmp.0ut is back with awesome stuff!!

Today I am releasing part 1 of a 3 part series on “modern” browser exploitation targeting Windows. Part 1 addresses configuring an environment, understanding how Chakra/ChakraCore manages objects in memory, and type confusion vulnerability analysis. connormcgarr.github.io/type-confusion…

Hello ! FuckThatPacker is now integrated to CobaltStrike. You can now generate obufscated powershell payloads directly within CobaltStrike :D github.com/Unknow101/Fuck… retweet appreciated

Here are the slides for my talk « Delegating Kerberos to bypass Kerberos delegation limitation » 😈 at Insomni'hack #INS22 thehacker.recipes/ad/movement/ke…

Bonjour Twitter, mon petit cousin fait des parcours de billes avec des gouttières et autres et j aurais voulu lui trouver des vidéos/ idées (il a 7 ans) donc voilà si vous avez ce genre de source :p

Watch the fight « Synacktiv versus Tesla » during the #Pwn2Own hacking contest. Tomorrow Thursday, May 19 at 7pm (UTC+2 🇫🇷).

Unfortunately my BlackHat US submission about the V8 sandbox was rejected, but we should still have some cool announcements to share about how we're making V8 harder to exploit soon. In any case I'll be around at the conference! :)

AND APPARENTLY, even though I have iCloud backuping enabled, none of my photos from the past 4 years were backuped 😢 I have a lot of sentimental value on my phone, and was wondering if any one of ya'll can think of a way to help me out... All ideas are welcome ♥️ 3/3

Hey, with baguette we are building a CTF team for #LeHack. Feel free to dm if you want to join us 🙂

Hello 😀 Vous l'attendiez tous, on organise un meet "Not Before LeHack" car il sera pendant, le Vendredi 24 Juin à partir de 18h30, voici le lien pour vous inscrire 😉 framadate.org/PiEl4NlVM4n6qA… #infosec #rtfm #lehack

@ENSIBS Login Sécurité se sera battu jusqu'au bout🙂. On a fini 5e. Merci à HACK2G2 pour cette event! Le Fake CTF était amusant.

Retrouvez moi au leHACK ce week-end pour un workshop sur la traque des INTERPOL #MostWanted 🟥 #RedNotice fugitives grâce à l'OSINT (si, si, c'est possible !) Où : Osint Village, sur le stand d'OSINT-FR, Room 1 Quand : Dimanche, 2h30 Let's track Interpol Super Villains ! #osint #osint4good #roso

Just publish the write up for the challenge that i’ve created for leHACK 2022 :) You can read it here : github.com/W0rty/LeHack_S… Gg to teams who solved it :)

Exploiting an Unbounded memcpy in Parallels Desktop A Pwn2Own 2021 Guest-to-Host Virtualization Escape blog.ret2.io/2022/05/19/pwn…

Check out new lsassy release! 🔸New dump modules 🔸Usable TGT are displayed alongside credentials 🔸DPAPI Masterkeys are retrieved For more details you can check release 3.1.2 description github.com/Hackndo/lsassy…

Google CTF 2022 d8: From V8 Bytecode to Code Execution: mem2019.github.io/jekyll/update/…

Here we go, new articles are ready on a brand new and exciting topic, smart contracts security! ⛓️ ⏩To get things off to a good start, here's the first article, Blockchain 101. Happy reading! en.hackndo.com/blockchain/

Hi Hackers, Let’s celebrate all our wins and inspire others by dropping a link below to a write-up of some public security research you’re the most proud of! Don’t be shy! Let’s goo! 👇 #CyberSecurity

Sharing another V8 Sandbox design document more widely: docs.google.com/document/d/1CP… This one discusses how to protect code pointers - probably the most performance sensitive part touched by the sandbox - with (almost) no performance overhead.