Cross-site scripting (XSS) is probably the most prevalent high risk web application vulnerability nowadays. 📽️ In this video I show you a simple example of exploiting this vulnerability where I take control of a client's computer Follow me SecurityGuill for more about #infosec

If I started streaming about Metasploit Project framework usage / module development would you: (reply with other ideas)

CVE-2020-0688 (MS Exchange RCE) just landed to Metasploit Project, just needs a domain user with a mailbox for SYSTEM code exec github.com/rapid7/metaspl…

Weekend plans? Staying in? Me too, so I'll be live streaming some Ruby development as I work on a .NET serialization library for Metasploit tomorrow from about 12:30-14:00 EST twitch.tv/zeroSteiner

Looking through the "new" proton C2 framework like... Entynetproject zerosum0x0. I mean at least grep for koadic... github.com/entynetproject…

Been really enjoying #redteamfit and the stats the WHOOP is bringing! Looking forward to upcoming weeks. Thanks Dave Kennedy and syndrowm for creating and pushing such a fun group (:

Released version 2.4 of Rule Engine today, now with a new mapping data type github.com/zeroSteiner/ru…

"Tell us your date of birth and we'll guess your main."

Since it was made public, time to release! Big "External Email" phishing warnings on Outlook webapp & client can be obfuscated with some simple CSS/HTML injections into your phishing email. Writeup, Remediations & POC: whynotsecurity.com/blog/external-… #RedTeam

I've been building out a Python C2 to learn more about implant development. Feel free to take a look github.com/skylerknecht/c…. Constructive criticism is welcome.

MalwareTech Linux cannot get viruses because it’s open source

Be bored for two hours today. No Instagram. No Twitter. Just stare at the ceiling.

I like how federal student loans got delayed again, this time with the note "this is your final deadline"... So clearly they're not missing the money and covid isn't exactly going away. Can we just cancel them already?

We need to increase the default hotplate timer for coffee machines. Three hours minimum - anything less then I end up drinking four cups in thirty minutes trying to beat the timer. 😂

When I use WriteDacl to give myself GenericWrite

You should be building things with your friends and then talking about them. It doesn't have to be novel. You can just make things. github.com/skylerknecht/m…

While I'm a big fan of secure defaults, imo this new user consent setting is badly executed. There are no docs about what "current guidelines" means. Worse: the new default is now the "recommended" setting, while it's actually LESS secure than the prev recommended middle setting.

An awesome example for a Messenger payload