#OffensiveCon23 will take place on the 19th-20th of May 2023. Stay tuned for further updates!

I am going to be in Abu Dhabi in two weeks. If someone wants to meet and discuss Red Teaming or C2 dev, hit me up

Join our partner. Exploit Labs GmbH, for their official PEN-200 #OSCP live training course in Eschborn–Frankfurt, Germany! Training in German: offs.ec/3W6aDTt Training in English: offs.ec/3O9CMqU

I can 100% recommend both the bootcamp and the advanced training. Beer, waffles and exploitation is a great combination!

Join our partner, Exploit Labs GmbH, for their PEN-200 #OSCP live training in Eschborn–Frankfurt, Germany! Enroll here: offs.ec/3EDTmJJ 🗓️ November 6th, 2023 - November 10th, 2023 📍On-site

Who knew it would be so easy to fix security. We are done here, time to become a cook and open a food truck.

Am I going crazy or are CVE-2022-44898 and CVE-2019-17603 the same bug? Is this all just the WinIO driver renamed to ene.sys and msio64.sys? Both have drivers call memcpy without bounds checking in IOCTL 0x80102040 with similar (72/80) offset to RIP. What am I missing?

Turns out: I am not losing my sanity. It is exactly the same vulnerability. The only difference is the offset (actually 56 vs 72). Fun little exercise.

Want to learn red teaming? Gain invaluable practical tips from SANS Instructors Dave Mayer and Jorge Orchilles on maintaining operational security while setting up C2 infrastructure Register here! buff.ly/3UwVkEQ

Target Date: Saturday, 2024-09-07 Target Location: Frankfurt, Goethe University maps.app.goo.gl/Ks37PvKh4iNTaM…

I'm teaching adv pen testing & exploit dev in Orlando on 24-Mar Jonathan is teaching Windows implant dev. He is who you want teaching this class! Douglas McKee is teaching his new course on product security testing & preventing supply chain attacks! tinyurl.com/SANS2024

Hey all, here I some future runs of the SANS Offensive Operations SANS Institute course #SEC670 We’d love to see you at one of these in person!

Don‘t miss out on a great SANS class! With modern endpoint security solutions, custom implants are the way to go. SANS Institute #SEC670 teaches you everything to build your own 👾 sans.org/cyber-security…

It's back!! Part 8 of my Intro to C series is finally here coming this Monday afternoon. Be sure to register down below. Always free and always recorded! SANS Offensive Operations SANS Institute sans.org/webcasts/an-in…

#SANSFIRE isn’t too far away now! I’ll be there in person teaching #SEC670 with a sweet update to the course! You better come ready for some serious coding 🤓 Sign up down below 👇🏻 SANS Institute SANS Offensive Operations sans.org/cyber-security…

It’s official!!! The first update to #SEC670 is done and approved for release at #SANSFIRE 🔥 for those coming in person, I have some cool things up my sleeve for you all. It’s not too late to register in person 👇🏻 sans.org/cyber-security… SANS Offensive Operations SANS Institute

Super excited to be in LA for this years SANS Institute Hollywood Hackfest. Jonathan and I will give talk on how to improve a module mapping loader using modern C++ paradigms, showcasing some of the techniques we teach in SEC670. Don't miss it!

SANS CDI 2024 is fast approaching. I'll be teaching my SANS Offensive Operations implant dev class #SEC670. Sign up for some nerdy C++ fun as you make Windows implants for a custom Python C2 server.

I'm looking forward to being in Orlando in a few months to teach my SANS Offensive Operations SANS Institute class: #SEC670 🤓 If you want to get your feet wet with making C++ Windows implants along with some Florida sun, this is the event for you! Reg link to the event:

🚀 Launching TheManticoreProject – a long-term offensive & defensive security ecosystem in Go! First release (the core library): Manticore 🐾 🔧 Modular Go library to craft & interact with network protocols. ⚙️ SMB support coming soon. 🌐 github.com/TheManticorePr…