This is my first Linux kernel exploit for Google kCTF, and the patch commit is now public: git.kernel.org/pub/scm/linux/… Actually, this bug was found by AI while analyzing 1-day variants, I'd like to share my approach for these AI things to find bug, and exploitation write-up later.

Yo , a new blog about all initial access teq Payload Dev | Phishing & MFA Bypass | Credential Attacks | App Exploitation | Social Engineering | Physical & Supply Chain Attacks 0xdbgman.github.io/posts/initial-… #RedTeam #Phishing #apt #InitialAccess #payloaddev

x.com/i/article/2027…

红队操作架构图 kypvas.github.io/red-team-map/ 涵盖 C2、规避、注入、持久化、凭证访问、权限提升、AD 攻击、云运维、MOTW 绕过、语音钓鱼、AI 等诸多方面。

Defeating Windows DEP Using ROP Chains Leveraging VirtualAlloc screetsec.com/blog/defeating…

Malware Reverse Engineering for Beginners 0x00 intezer.com/blog/malware-r…

How Kernel Anti-Cheats Work: A Deep Dive into Modern Game Protection s4dbrd.github.io/posts/how-kern… #reverse

redStack: Boot-to-Breach red team lab on AWS. Mythic, Sliver, and Havoc C2 behind a production-style Apache redirector. Deployed via Terraform github.com/BaddKharma/red… #redteam

论文来了。名字叫 MSA，Memory Sparse Attention。 一句话说清楚它是什么： 让大模型原生拥有超长记忆。不是外挂检索，不是暴力扩窗口，而是把「记忆」直接长进了注意力机制里，端到端训练。 过去的方案为什么不行？ RAG

Debugging - WinDBG & WinDBGX Fundamentals by Corelan corelan.be/index.php/2026…

This is an AI / LLM discovered Windows kernel driver vulnerability & exploit. My workflow for this is below (I'll stick any resources in the comments below): So, posting the (awesome) video yesterday of using LLMs to identify vulnerable code from repo's, I had a question in the

Claude code source code has been leaked via a map file in their npm registry! Code: …a8527898604c1bbb12468b1581d95e.r2.dev/src.zip

【Offsec】OSED合格体験記｜tak💀yassan zenn.dev/taksecbe/artic… #zenn

Another zero day exploit released by some nerd (can't remember name right now) because they're annoyed with Microsoft. It's been confirmed by other nerds. It is yet another legit zero day. Whew. github.com/Nightmare-Ecli…

claude-red is a curated library of offensive security skills designed for the Claude skills system. Each skill is a structured SKILL.mdfile that primes Claude with expert-level methodology for a specific attack surface from SQLi to shellcode, EDR evasion to exploit development.

Malware Development Essentials for Operators TLDR; This is an walkthrough from a MessageBoxA call all the way to a kernel rootkit doing DKOM process hiding and callback abuse. Dynamic function loading, PEB walking, IAT hooking etc... Blog:- f00crew.org/0x33

Finding Zero-Days with Any Model provos.org/p/finding-zero…

I am a bit late to the "Mythos" clickbait. But here we go: Why Mythos doesn't matter (for us) hacktron.ai/blog/why-mytho…

一刻也没有为CopyFail的离去而感到悲伤，接下来到达战场的是：Dirty Frag！ git clone github.com/V4bel/dirtyfra… && cd dirtyfrag && gcc -O0 -Wall -o exp exp.c -lutil && ./exp

HashDump-BypassEDR：github.com/AabyssZG/HashD… 通过系统白程序 Reg.exe 的拓展应用，巧妙绕过EDR的拦截点，实现绕过EDR从而DumpHash😈 该方法针对Windows系列均有效，操作难度不大，具有实战价值🥳 本项目实战文章：blog.zgsec.cn/archives/EDR-D… 源代码和Release已发布，师傅们麻烦点个Star，万分感谢！😍