you know I keep this thing on me

next blogpost will be about tunneling, remote operations and cooler implant designs i will drop the tunneling project and it's core component as a separate lib

wtf :(

nightmarish tech stack

was messing with claude to see if it hallucinated and well..

I don't pay for premium, so please read the longform in the picture. TLDR: Cool new VS x86/x64 shellcode template from alex short 🇺🇦 at github.com/rbmm/SC_DEMO, he lives in Ukraine and is looking for remote work, help him make a connection if you can.

Found an SSRF in Sliver C2 (CVE-2025-27090), allowing an attacker to read and write TCP traffic through affected teamservers. Demo shows leaking the IP of a Sliver teamserver hidden behind redirectors Writeup and PoC in replies

A lot of fun techniques coming out of the mdsec crew! Fortunately, this one is fairly easy to spot github.com/elastic/protec…

Hi friends!! 🩷 I’m looking for a new RE role to support me while I’m in grad school! I’ll be kind of in the woods, so remote roles are preferred! Recently I’ve been doing firmware RE/VR, but I got started doing malware RE and I love it lots (1/3)

Been working on a rule engine for dynamic malware analysis - ingests telemetry from a 'sensor' and runs rules and sequences of rules on event data it receives. Currently writing the flagship sensor, but the library itself is available to experiment with: github.com/badhive/alca

Our red team is growing and we have a rare open position for a Principal RT Operator - if this sounds like you, get in touch 🙏 MDSec

I've finished most of the development for Governor, the flagship Windows 'sensor' / telemetry source for the ALCA engine. Governor can now be used alongside ALCA for dynamic signaturing of Windows malware github.com/badhive/alca github.com/badhive/govern…

With some guidance from DebugPrivilege I've found a way to easily dump clear text implants even while they sleep. Bad day for sleep obfuscation 💤 blog.felixm.pw/rude_awakening…

We listened when folk told us minutes matter, with attacks around the cloud often automated and notoriously fast. We offer sub-second latency detections for AWS honey tokens (long lived access keys), across every AWS region. No other vendor currently comes close to this (most

x.com/i/article/1919…

spacebar keys now considered dual use goods

🛠️Join Rad and 5pider for onsite-only workshop at #x33fcon! Build a fully functional ransomware prototype and uncover the mechanics behind this persistent threat. Learn file encryption, stealth tactics, and how to bypass anti-ransomware tools, with a deep dive into Windows