We put together a blog post to help our industry understand the risks young people face online and what they, and the adults around them, can do to protect themselves.

High-Risk Vulnerabilities in Microsoft Telnet MS-TNAP Implementation hacker.house/blog/critical-…

Exploiting Windows Installers with SetupHijack: Race Conditions, UAC Bypasses, and Privilege Escalation hacker.house/blog/exploitin…

I was exploiting time extensions in TCP recently and observed a peculiar behavior that the Linux kernel doesn't actually randomize timestamps when you tell it to, see - timecrime.c raw.githubusercontent.com/hackerhouse-op…

145+ documented vulnerabilities, covers vulnerabilities from the 1990s (Cray UNICOS, SGI IRIX) through modern systems (2025 IIS exploits), providing both educational value and historical context for security researchers and penetration testers. deepwiki.com/hackerhouse-op…

Credential harvesting through the Microsoft Telnet NTLM Authentication Protocol (MS-TNAP). Implements a malicious Telnet server that exploits a protocol-level vulnerability in telnet.exe to capture NTLM authentication material via URIs. deepwiki.com/hackerhouse-op…

OffensiveLua is a collection of 20+ offensive security scripts written in Lua that perform red team operations through direct Windows API calls. The repo includes OffensiveLuaEmbedded.exe that embeds LuaJIT with advanced debugging capabilities. deepwiki.com/hackerhouse-op…

Technical analysis of AIX 5.3L libc locale environment variable handling vulnerability that enables local privilege escalation to root. overs the buffer overflow mechanism, PowerPC shellcode construction, and exploitation technique targeting /usr/bin/su. deepwiki.com/hackerhouse-op…

Exploits for Unix variants with significant historical value and may still exist in specialized environments such as scientific computing facilities, ICS, and legacy envs. Coverage includes Cray UNICOS, SGI IRIX, Solaris, HP-UX, and SCO Unix systems. deepwiki.com/hackerhouse-op…

SignToolEx, a code-signing tool that enables the use of expired certificates for executable signing operations. deepwiki.com/hackerhouse-op…

The #KnownSec "RESTRICTED – Military/Public Security Use Only" contained image teasers from files. Using OCR, translation and AI, I was able to reconstruct the 15 pages of "Wi-Fi Attack Training". There is reference to a 2019 0day (at the time) WiFi exploit DRAGONBLOOD.

Wi-Fi Attack Training Manual (Version: 1.0 (Internal Training – Military & Public Security Use)) - 0x0.st/Kpqv.pdf

Are you concerned about Insider threats? Need to better understand Data Loss Protection controls? Zero-Trust implementations? Next generation firewalls? Contact the team at Hacker House hacker.house for bespoke tailored cyber assurance tailored to your business needs.

Check your React Server Components for the latest RCE impacting React/NodeJS applications CVE-2025-55182. One liner in bash or powershell can test your NodeJS applications for exposure. Ensure you apply fixes to prevent RCS exploitation urgently!

v(){ npm ls react-server-dom-* next 2>/dev/null|grep -Eq '19\.[0-2]\.0|next@1[56]\.';};v&&echo CVE-2025-55182 VULN||echo OK

if(npm ls react-server-dom-* next 2>$null|Select-String '19\.[0-2]\.0|next@1[56]\.'){ 'VULN' } else { 'OK' }

A high-performance Monero (XMR) mining implementation in C++ using the RandomX algorithm. This miner is optimized for modern CPUs and provides efficient mining capabilities with a simple command-line interface. (src) github.com/hackerhouse-op… - (docs) deepwiki.com/hackerhouse-op… #XMR

A lightweight, high-performance Monero (XMR) CPU miner using the RandomX algorithm. github.com/hackerhouse-op… #crypto #XMR #mining #miner #security #ethicalhacking