List of 32 Smart Contract Vulnerabilities Which every Alpha Smart Contact Auditor should know immediately 😈 l’d appreciate a retweet, spread the knowledge 🫡github.com/kadenzipfel/sm…

While studying #WHfB, I found the location of #PRT & session key and built a POC to decrypt both (on non-TPM computers). Before bringing in the heavy tooling, I was wondering does Dirk-jan or 🥝🏳️‍🌈 Benjamin Delpy know how the CloudAP cache path or password is generated?

[BLOG] Bypassing Defender with ThreatCheck & Ghidra offensivedefence.co.uk/posts/threatch…

This video shows my PoC for libssh CVE-2023-2283 (authentication bypass vuln). The attacker logs in with ED25519 authentication, despite not knowing the private key.

Excited to launch: Malware.rip a free community website to allow anyone to upload suspicious files and view them in a safe way without any chance of getting infected/hacked. We have also launched a Bug Bounty Program for the same website with prizes totalling USD

Learnings from 42 kernel exploits. The new kernelCTF. Responding to io_uring security problems.. and more! security.googleblog.com/2023/06/learni…

🔖 AWS Pentest Methodology A high-level methodology of how one could conduct a penetration test inside the AWS platform. medium.com/@MorattiSec/my…

New blogpost! In this post we analyse CVE-2023-29300, a pre-auth RCE in Adobe ColdFusion via unsafe Java Reflection invocation. blog.projectdiscovery.io/adobe-coldfusi…

📃My first published solo smart contract security report. It contains 2 High, 6 Medium & 8 Low severity issues. The client was happy and offered me another solo audit. github.com/gkrastenov/aud…

I wanted to give the new VS BOF template a go, so I've implemented James Forshaw's SCMUACBypass into the Elevate Kit. You just need a suitable Kerberos ticket in your cache (from whatever attack chain you like) and it takes care of the LPE for you.

Chandrayaan-3 Mission: 'India🇮🇳, I reached my destination and you too!' : Chandrayaan-3 Chandrayaan-3 has successfully soft-landed on the moon 🌖!. Congratulations, India🇮🇳! #Chandrayaan_3 #Ch3

Chandrayaan-3 Mission: 🔍What's new here? Pragyan rover roams around Shiv Shakti Point in pursuit of lunar secrets at the South Pole 🌗!

Happy to share a new Active Directory audit tool to the cybersecurity community : AD Miner (aka #Bloodhound on steroids) can help you: ⏩Check more than 40 attack vectors or weaknesses ⏩Uncover most risky control paths ⏩Prioritize and track mitigations efforts

Waiting for Red Teamers to figure out that this allows dumping keychain items…

New Pacu module & two-part blog post: Attacking AWS Cognito with Pacu Part 1: bit.ly/46mILPf Part 2: bit.ly/3rIadYV

Here’s a new writeup! I go over attempts trying to find a 0day. It took a few attempts but pwned Apple again and netted total bounties of $40k.

My new blog has arrived. A lot of what is in here mimics APT29 (Midnight Blizzard) Tradecraft. Some good nuggets also on using Evilginx development mode for phishlet development if you don’t want to expose a VPS. Enforcing cloud native in Entra ID? I got you covered with a

This strange tweet got >25k retweets. The author sounds confident, and he uses lots of hex and jargon. There are red flags though... like what's up with the DEI stuff, and who says "stack trace dump"? Let's take a closer look... 🧵1/n

You have just finished remediating your last machine impacted by #crowdStrike #bluescreen, but now you have no idea who can access all the BitLocker keys you just exported! 𝐓𝐢𝐦𝐞 𝐭𝐨 𝐑𝐨𝐭𝐚𝐭𝐞 𝐲𝐨𝐮𝐫 𝐁𝐢𝐭𝐋𝐨𝐜𝐤𝐞𝐫 𝐤𝐞𝐲𝐬! The full article along with device action

You can now jailbreak your AMD CPU! 🔥We've just released a full microcode toolchain, with source code and tutorials. bughunters.google.com/blog/542484235…