New extension for #havocframework on the store that I made to add rubber ducky support on red team engagements which would allow you to quickly infect machines through key stroke injection attacks! #Pentesting #infosec github.com/p4p1/havoc-duc… p4p1.github.io/havoc-store/

wrote a blog post on checklist in #pentesting and #infosec leosmith.wtf/blog/checklist…

Automated the creation of my resume through a javascript app I made over the weekend showcasing how to use AI and chat gpt in automating job search ^^ here is a blog post about it: #infosec #jobsearching #resume #chatgpt #softwaredevelopment leosmith.wtf/blog/ultimate-…

I did a new blog post on some wifi rogue access point with @hak5 wifi pineapple phishing using Modlishka to have true 2FA bypass in our rogue access points: #redteam #pentest #informationsecurity #Hacking #wifipineapple leosmith.wtf/blog/wifi-pine…

new blog post! on the basics of AV evasion special thanks to gatari to the amazing tool gocheck that I use in this post <3 #redteam #infosec leosmith.wtf/blog/basic-ant…

After completing the beginner and intermediary modules on Maldev Academy, I created my first evasive shellcode loader. It executes a payload using mapping injection via direct syscalls with Hell's Gate and includes several anti-analysis features. github.com/jakobfriedl/Be… #maldev

Havoc + Metasploit heresy some would say but I still did it. In this new blog post I showcase how to use metasploit to execute havoc shellcode. #pentesting #redteam #hacking #cybersecurity #infosec leosmith.wtf/blog/metasploi…

It's my first DLL Payload Loader with my learnings from MalDev Academy ! Check it out -> github.com/Cipher7/ApexLdr

How I discovered and exploited an unauthenticated SSRF in the Havoc C2 teamserver, allowing attackers to leak origin IPs of teamservers behind redirectors and much more! blog.chebuya.com/posts/server-s… github.com/chebuya/Havoc-…

First day at Crowdstrike, pushed a little update and taking the afternoon off ✌️

Made a quick blog post about PWA and phishing! check out also mr.d0x post on the same matter he was quicker than me to release and amazing work on his end! leosmith.wtf/blog/pwa-phish… #redteaming #infosec #pentest #phishing

“Paris 2024 Olympics” is the app built by the IOC for the Olympics. We decided to reverse it and here’s what we found: blog.malcore.io/p/paris-2024-o…

New havoc store plugin released today available directly inside of Havoc from Jenaye to run gosecretsdump on victim machines and collect good loot :) store: p4p1.github.io/havoc-store/ repo: github.com/matro7sh/havoc… havocframework.com #pentest #redteam #infosec #hacking

New havoc store plugin released today available directly inside of Havoc from @jenaye_fr allows you to run sharppersist on infected agents github.com/matro7sh/havoc… p4p1.github.io/havoc-store/ havocframework.com #pentest #redteam #hacking

New havoc store plugin released today available directly inside of Havoc from MaldExe over on github allows you to impersonate thanks to the ditto tool on infected agents github.com/MaldExE/Havoc_… p4p1.github.io/havoc-store/ havocframework.com #pentest #redteam #hacking

small blog post on llm prompt injection ^^ leosmith.wtf/blog/generatin…

blog post on hiding openvpn traffic through SSL to bypass firewalls in environments that only permit SSL on 443 #redteam #pentest #infosec leosmith.wtf/blog/hiding-op…