Soheil (@soheilsec)'s Twitter Profile
Soheil

@soheilsec

Red Team | Adversary simulation
CRTL ¦ CRTO ¦ MCRTA ...

ID: 82490775

Link: https://www.youtube.com/@soheilsec

Date: 14-10-2009 23:59:27

4,4K Tweet

2,2K Followers

434 Following

ACE Responder (@aceresponder)

FREE reverse engineering module now available! Learn assembly fundamentals - perfect for beginners. • Hands-on debugging with real examples • Web based: no downloads, installs, or VMs Start reversing here 👇

Steve S. (@0xtriboulet)

I put a BOF loader in a BOF so that you can run BOFs from a BOF. If you've had issues getting a BOF to work with CS's BOF loader in the past, you now have a drop-in way to get a little bit more compatibility. github.com/0xTriboulet/In…

S3cur3Th1sSh1t (@shitsecure)

Remotely enable the EFS service for Win11 systems? No problem with rpcping. Just worked for me from remote with a low privileged user. 🧐

Andrea Pierini (@decoder_it)

Coercing machine authentication on Windows 11 /2025 using the MS-PRN/PrinterBug DCERPC edition, since named pipes are no longer used. Kerberos fails in this case due to a bad SPN from the spooler, forcing NTLM fallback.

🕳 (@sekurlsa_pw)

Nice blog with BOF tool release “BadTakeover” & SharpSuccessor
(github.com/logangoins/Sha…) update. 

Needed privs for account takeover:
📚OU: CreateChild
🎯Target: GenericWrite/WriteProperty or
msDS-SupersededManagedAccountLink and msDS-SupersededServiceAccountState
🖥️ DC: Win 2025
freefirex (@freefirex2)

rolled out a bof for getting the dpapi_system key used by mimikatz /system: when ingesting master keys. If that's something you need it's live at github.com/trustedsec/CS-…

SpecterOps (@specterops)

Credential Guard was supposed to end credential dumping. It didn't. Valdemar Carøe just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled. Read for more ⤵️ ghst.ly/4qtl2rm

Andrea Pierini (@decoder_it)

Remember the CredMarshalInfo trick? If you hadn’t applied the June 2025 patch, CVE-2025-33073 would have been critical. We know that in NTLM local auth, msg 3 is empty: You can drop sign/seal -> from Domain User to DomainAdmin escalation. 😅

Two Seven One Three (@twosevenonet)

EDR-Redir: You can break EDRs/Antivirus from user mode with bind link and cloud minifilter. Because your payload deserves privacy. #antimalware #itsecurity #redteam

MDSec (@mdseclabs)

Interested in an alternative approach to sleep masking for your malware? Check out our latest blog post "Function Peekaboo: Crafting self masking functions using LLVM" by sabotage mdsec.co.uk/2025/10/functi…

Lsec (@lsecqt)

I am happy to present the latest blogpost I was working on. It is about enumerating and attacking MSSQL databases from both external and internal perspective. Hope you learn something from it and as always, any feedback is welcomed! r-tec.net/r-tec-blog-mss…

Stephen Fewer (@stephenfewer)

New Metasploit Project aux module in the pull queue for the FortiWeb vuln (no CVE at this time). Based on the PoC captured and posted by Defused, it leverages an auth bypass to create a new local admin account on the target. github.com/rapid7/metaspl…

Soheil (@soheilsec)

Attractive folks learn malware analysis. Meanwhile the truly intelligent ones are out there coding digital chaos🗿

Dark Web Informer - Cyber Threat Intelligence (@darkwebinformer)

🚨Cl0p Ransomware Claims 30 Victims

🇸🇦 Al Jomaih Automotive
🇺🇸 Fruit of the Loom
🇺🇸 Frontrol
🇺🇸 Humana
🇺🇸 Oracle
🇺🇸 Abbott Laboratories
🇯🇵 Mazda
🇱🇰 MAS Holdings
🇯🇵 Canon
🇮🇪 Trane Technologies
🇲🇽 Grupo Bimbo
🇺🇸 Bechtel
🇺🇸 Estée Lauder Companies
🇰🇼 Alshaya Group
🇸🇬 Fleetship
Altered Security (@alteredsecurity)

Black Friday Giveaway & Exclusive Discounts

Win FREE access to:
• 1 CRTE seat
• 1 CETP seat

How to participate:
1️⃣ Like this post
2️⃣ Comment which course you’re interested in and why
3️⃣ Repost

Winners will be randomly selected and announced on December 2, 2025.
Those who’ve