Lefteris Panos (@lefterispan)'s Twitter Profile

Interested in Security & Pentesting

ID: 223229415

https://www.github.com/leftp

05-12-2010 19:47:27

6.6K Tweets

1.1K Followers

3.3K Following

SEKTOR7 Institute (@sektor7net)

Skipping Winsock - AFD.sys for-the-win! A series of posts by Mateusz Lewczak (Mateusz Lewczak) on how to use afd.sys driver to implement custom network connectivity. Highly recommended! Source: leftarcode.com/posts/afd-reve… #redteam #maldev #malwaredevelopment

Iceman (@herrmann1001)

The new Proxmark3 release "Phrack" (v4.20728) is out, a nod to the legendary security journal that has published so much foundational RFID research over the decades. A fitting name for this tool. tinyurl.com/4249mszy #Proxmark3 #RFID #Phrack #InfoSec

vninja.net (@vninjanet)

New blog post by Christian Mohn™: "vSphere: Its All Fun and Games Until Someone Gets Root" vninja.net/2025/09/18/vsp… #vExpert #VMware #VMUG #VMUGUK #LOLBins

Patrik Fehrenbach (@itsecurityguard)

Ever stumbled on an AEM box and thought “ok… now what?” 😏 We dropped hopgoblin — new research + tool XXE, SSRF, XSS & more (CVE-2025-54251, -54249, -54252, -54250/47/48/46). 👀 time for some crits eh? 👉 github.com/assetnote/hopg…

codewhisperer84 (@codewhisperer84)

Check out Titanis, my new C#-based protocol library! It features implementations of SMB and various Windows RPC protocols along with Kerberos and NTLM. github.com/trustedsec/Tit…

Duane Michael (@subat0mik)

Added CRED-8 to Misconfiguration Manager, which is Garrett's MP relay to dump machine policy secrets. MM link: github.com/subat0mik/Misc… Blog link: specterops.io/blog/2025/07/1…

☠️ Brandon (@__mez0__)

1/2 Over the past few weeks I've used the EMBER2024 model to try and figure out how to make implants less likely to be hit by ML. I wrote about the process here: mez0.cc/posts/evaluati…

josh vaccaro (@joshuavaccaro)

Finally releasing Sekken-Enum, an ADWS enumeration BOF we've been using internally for a while now. Based on the research from SOAPHound/SoaPy moving away from relying on .NET execution or proxying. Output works with BOFHound for Bloodhound ingesting. github.com/Nomad0x7/sekke…

PagedOut (@pagedout_zine)

pagedout.institute ← we've just released Paged Out! zine Issue #7 pagedout.institute/download/Paged… ← direct link lulu.com/search?page=1&… ← prints for zine collectors pagedout.institute/download/Paged… ← issue wallpaper Enjoy! Please please please RT to spread the news - thank you!

Orange Cyberdefense Switzerland (@orangecyberch)

New blog post by Florian Audon, our Security Engineer: Blinding EDRs: A deep dive into WFP manipulation. Learn how the Windows Filtering Platform can influence EDR connectivity and isolation. Learn more: ow.ly/KsQ850XaCFc #CyberSecurity #EDR #Switzerland #WFP

Dave Cossa (@g0ldengunsec)

Ever been on an SCCM site server and *this* close to a DA pw that you couldn't decrypt for some reason? Check out my new blog looking at encryption in use within SCCM sites configured for High Availability and accompanying tooling to recover passwords: ibm.com/think/x-force/…

RandoriSec (@randorisec)

Red Team members, have you ever wondered how to extract access tokens from Microsoft Teams? blog.randorisec.fr/ms-teams-acces…

SpecterOps (@specterops)

Credential Guard was supposed to end credential dumping. It didn't. Valdemar Carøe just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled. Read for more ⤵️ ghst.ly/4qtl2rm

Two Seven One Three (@twosevenonet)

EDR-Redir: You can break EDRs/Antivirus from user mode with bind link and cloud minifilter. Because your payload deserves privacy. #antimalware #itsecurity #redteam

Two Seven One Three (@twosevenonet)

EDR-Redir uses a Bind Filter (mini filter bindflt.sys) and the Windows Cloud Filter API (cldflt.sys) to redirect the Endpoint Detection and Response (EDR)'s working folder to a folder of the attacker's choice. zerosalarium.com/2025/10/DR-Red… #itsecurity #redteam #pentest

Prelude Research (@preluderesearch)

New research from John U: a clean loader-lock escape using the PEB's PostProcessInitRoutine. Read the analysis and PoC code 📃 preludesecurity.com/blog/escaping-…

Jim Sykora (@jimsycurity)

AdminSDHolder is kinda my jam. I wrote the e-book on it. If you work with Active Directory, I highly recommend you give this a skim, or at least check the spoilers in the blog.