🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

I'm super happy to announce an operationally weaponized version of Yuval Gordon's BadSuccessor in .NET format! With a minimum of "CreateChild" privileges over any OU it allows for automatic escalation to Domain Admin (DA). Enjoy your inline .NET execution! github.com/logangoins/Sha…

🎶Click. Click. SNEK IN. No logs. Just WIN. Plug. Stick. We back. Snek go sssssssssssss ... ATTACK!! 🎶

OSCP Tricks🔥 🔗github.com/rodolfomariano…

FilelessPELoader v2 is coming ...

I know some have been concerned that I’m not posting enough hacking content. Rest assured I’m still at it. The new Kerberos reflective relay attack is hot 🔥no need to apply a patch to krbrelayx, just get into smbrelayserver.py and remove the NTLM mech type and you are g2g.

🌀 𝗦𝗺𝘂𝗴𝗴𝗹𝗲𝗙𝘂𝘇𝘇 - A modular HTTP request smuggling fuzzer built for deep desync exploration. 👉 github.com/moopinger/smug… Perfect for testing reverse proxies, finding obscure smuggling vectors, and pushing fuzzing boundaries. #CyberSecurity #RedTeam #BugBounty

No Agent, No Problem: Discovering Remote EDR jonny-johnson.medium.com/no-agent-no-pr…

Chrome App-Bound Encryption Decryptor v0.11 is here! 🚀 As a learning project, I've implemented a new Kernel-Level Execution Syscall Engine. It fuses Halo's Gate SSN deduction with a Tartarus Gate fallback for enhanced resilience against EDR hooks - fully operational on x64 &

WPProbe 0.7.0 is out! 🚀 Added: • list - preview total CVEs in the Wordfence DB • search - lookup by CVE ID, plugin name, title, severity & more 👉 github.com/Chocapikk/wppr…

opencode rewrite is done and ready for general use - works with claude pro/max - beautiful themeable tui - shareable links for any session - zero config LSP support - works with 75+ LLM providers (including local) link in reply

opencode is here

Playbook Hunting Chinese APT an Chinese APT TTPs and LOLBAS Operations medium.com/detect-fyi/pla…

Doppelganger: An Advanced LSASS Dumper with Process Cloning labs.yarix.com/2025/06/doppel…

Mythic C2 with redirectors & EarlyBird injection beats Windows 11’s Defender - signature & behavior. Dive in: xbz0n.sh/blog/mythic-c2… #RedTeaming #C2Infrastructure #C2

The Story of : Recon Meant Almost Nothing kongsec.medium.com/how-getting-st… #BugBounty #CyberSecurity #Infosec #ResponsibleDisclosure #Kongsec #ApplicationSecurity #Recon #bugcrowd #hackerone

Read our breakdown of Claude's attack sequence against the notoriously hard-to-solve "turtle" challenge: dreadnode.io/blog/ai-red-te…

''Doppelganger: An Advanced LSASS Dumper with Process Cloning'' #infosec #pentest #redteam #blueteam labs.yarix.com/2025/06/doppel…

Bug Bounty Tip If you found directory listing vulnerability on PHP server, check these common paths for session files: - /var/lib/php5/ - /var/lib/php/session/ - /var/lib/php/sessions/ - /opt/plesk/php/sessions/ - /var/lib/php/mod_php/session/ - /tmp/ ;- /var/tmp/ ;- /dev/shm/

Bug Bounty Cheat Sheet File Upload Extension Splitting

📌Red Team Management - Important documents for you to start a Red Team management 🔗github.com/CyberSecurityU…