S1ckB0y 🤖 (@s1ckb0y1337) 's Twitter Profile
S1ckB0y 🤖

@s1ckb0y1337

"I'm matter, but I don't matter" - $uicideboy$

ID: 1235644694643818498

Link: https://github.com/S1ckB0y1337

05-03-2020 19:13:57

2,2K Tweet

1,1K Followers

1,1K Following

flux (@0xfluxsec)

Introducing: Hells Hollow - Thought rootkit SSDT hooking was dead? Following my previous work, I have managed to essentially reintroduce SSDT hooks, capable of modifying the *original* KTRAP_FRAME and more! Whitepaper: fluxsec.red/hells-hollow-a… #infosec #cybersecurity

vx-underground (@vxunderground)

New TTP dropped! Yesterday Microsoft announced a new feature coming in January, 2026. Microsoft Intune's Unattended Remote Help for Windows: remotely access devices over the cloud without requiring end user involvement by signing in with credentials. Yay!

Sean Metcalf (@pyrotek3)

If you have Active Directory Certificate Services (ADCS) in your environment, run Locksmith now! In Active Directory Security Assessments, we have found critical security issues in *most* ADCS configurations. The great thing about Locksmith is that it doesn't just highlight the

incendiumrocks (@incendiumrockz)

I remember that I had to do some research online on how to make exploits for vulnerabilities over MS-RPC. With this blog, I hope to fill the gap on the lacking information available online on how to make these yourself. incendium.rocks/posts/Exploit-…

SpecterOps (@specterops)

Red teamers know the drill: endless file churning, hunting for passwords & tokens. 🔍 Meet DeepPass2, our new secret scanning tool that goes beyond structured tokens to catch those tricky free-form passwords too. Read Neeraj Gupta's blog post for more. ghst.ly/40HLNNA

Olaf Hartong (@olafhartong)

During my #BHUSA talk I've released many ETW research tools, of which the most notable is BamboozlEDR. This tool allows you to inject events into ETW, allowing you to generate fake alerts and blind EDRs. github.com/olafhartong/Ba… Slides available here: github.com/olafhartong/Pr…

wetw0rk (@wetw0rk_bot)

I have released all my prep notes prior to obtaining the #OSEE from OffSec. This includes material consumed before the AWE and after! You can find a link to it here: github.com/wetw0rk/AWE-PR…

MalDev Academy (@maldevacademy)

“AlphabeticalPolyGen” - generates and executes a polymorphic shellcode variant of a specified shellcode file: github.com/Maldev-Academy…

Garrett (@unsigned_sh0rt)

knew win10 had the dsquery.dll laying around but never knew what to do with it

"rundll32.exe dsquery.dll OpenQueryWindow" will pop open a console for you and you can do some light LDAP recon

you can also open with win + ctrl + f

probably useful for VDI/Citrix type tests

Garrett (@unsigned_sh0rt)

frankensteined some code together to make a couple BOFs that set shadowcreds/rbcd for when proxying was acting up...maybe they're useful to you they dont clean up at the moment so that'll have to get added at some point...ops not done yet lol github.com/garrettfoster1…

NCV (@nickvourd)

See you at BSides Peoria on October 25, 2025! Excited to share this talk, and special thanks to Kyprianos Vasilopoul for his research contributions. #redteam #c2automation #bsides

SEKTOR7 Institute (@sektor7net)

Triggering shellcode on certain network status. Register your custom callback with InternetSetStatusCallback() and condition your payload execution on different network events. Excellent idea (w/ source code) by Debjeet Banerjee (db). Link: gist.github.com/whokilleddb/59…

Luke Turvey (@turvsec)

I just released Flareprox 🔥 A Cloudflare based Fireprox alternative that allows you to route HTTP traffic through Cloudflare, to gain mostly unique IP Addresses, to avoid detection and blocks.

spencer (@techspence)

Hard truths about Active Directory…

- it’s older than most of the pentesters testing it
- attackers know how to attack it as much as sysadmins know how to protect it
- misconfigurations age like milk, not wine
- once the domain is compromised, you’re basically looking at a

Steve S. (@0xtriboulet)

I put a BOF loader in a BOF so that you can run BOFs from a BOF. If you've had issues getting a BOF to work with CS's BOF loader in the past, you now have a drop-in way to get a little bit more compatibility. github.com/0xTriboulet/In…

NCV (@nickvourd)

Next week, BSides Peoria (IL), see you there! We’ve made some new integrations to SkyFall-Pack for the event. Special thanks to Kyprianos Vasilopoul for all his effort. #c2 #automation #redteam
