Luke Jahnke (@lukejahnke)'s Twitter Profile
ID: 1396317355

https://nastystereo.com | 02-05-2013 05:12:24

681 Tweets

2.2K Followers

5.5K Following

Louis Nyffenegger (@snyff)

I was working on our latest lab for CVE-2025-25291, a vulnerability in Ruby-SAML. As a Ruby and SAML nerd 🤓, what’s not to love about this bug… An exploit for the issue was published as a nuclei template, so I grabbed it (after a few tweaks for my IDP|SP) and started playing!

Wil (@wil_fri3d)

Check out how I discovered CVE-2025-33073: RCE with NTLM reflective attack allowing an authenticated user to compromise any machine without SMB signing enforced!

PentesterLab (@pentesterlab)

PentesterLab has the largest collection of hands-on JWT labs. We cover algorithm confusion, jku, kid, x5u and so much more. We also research new attack techniques and review JWT-related CVEs. Here is a great one we came across today...

PagedOut (@pagedout_zine)

Paged Out! #6 — now in print Two editions: 🟢 Regular 💎 Sponsor Edition — full-back badge in Gold, Platinum or Diamond Same content. Different legacy. 👉 lulu.com/spotlight/page… #PagedOut #printondemand #opensource #techzine

Charles Fol (@cfreal_)

lightyear just got 6 times faster! Although I now work at Synacktiv, I proposed a PR for the tool to support threading and compression, greatly reducing the time required to dump a file. Dumping the demo /etc/passwd now takes 48s instead of 5m30. github.com/ambionics/ligh…

Rich Mirch (@0xm1rch)

I published blogs detailing two vulnerabilities I recently discovered in Sudo. Update to 1.9.17p1. CVE-2025-32462 - Sudo Host option Elevation of Privilege Vulnerability stratascale.com/vulnerability-… CVE-2025-32463 - Sudo chroot Elevation of Privilege Vulnerability

Eduardo Vela (@sirdarckcat)

I wrote two challenges for this year's Google CTF. One of them is Circo - A challenge inspired by EntrySign (the AMD ucode vuln) and the other is Sphinx (a diff crypto task). I wrote the tasks with a few goals in mind that I wanted to share, but this thread is about Circo. 1/🧵

shubs (@infosec_au)

Whenever I audit C# code, I look for benign file operations such as File.Exists(), especially if there's a preceding Path.Combine(). Read about how we leaked NTLM hashes pre-authentication in DotNetNuke (CVE-2025-52488) due to a perfect storm of issues. slcyber.io/assetnote-secu…

Louis Nyffenegger (@snyff)

PentesterLab's Code Review badge contains 18 bugs inside real projects (107 labs total). No recycled CVEs... I found & disclosed each one. Because AppSec isn’t 100-line snippets or RCE treasure hunts; it’s spotting the "boring" flaws that make an application less secure!

DownUnderCTF (@downunderctf)

Get ready! Exciting prizes await the top student teams in a variety of categories! 🏆 But that’s not all! We're also handing out special awards for the sharpest write-ups and the most hilarious, high-quality memes. 😎 Open to creative minds worldwide! 🌐 Spot prizes available too! 🎉

shubs (@infosec_au)

The Searchlight Cyber research team is releasing our final research post for our Christmas in July efforts, two RCEs and one XXE (all pre-auth) in Adobe Experience Manager Forms. One of the RCEs and the XXE still do not have official patches: slcyber.io/assetnote-secu…

jpcamara (@jpcamara)

I took a journey into the heart of Ruby to learn the secrets of the /o regex modifier, and I emerged wiser, but also so deeply tired.
