Datadog's security team has just released KubeHound, an open-source attack mapping tool for Kubernetes clusters securitylabs.datadoghq.com/articles/kubeh… kubehound.io Comes with 25 attack types, each one comes with step by step instructions of how to exploit it

New: internal documents provide more insight into GOST, a system used by ICE to find "derogatory" speech online. Analysts can then use a "thumbs up," "thumbs down" decision on the material, and feed it into visa decisions and immigration enforcement 404media.co/inside-ices-da…

Notepad++ vs VS Code

Your business process is a large part of your security posture and everyone seems to forget this 🤦‍♂️

The irony is… usb sticks could be how they got in 😂

06 - BruCON 0x0F - Red Team Tales: 7 Years of Physical Penetration Testing - Justin Wynn Red Team Wynns youtu.be/Ns-PvO6xUOI?si…

If you haven't seen this 1 hour talk recorded 1 month ago - highly recomended. Even shows how to adjust the shellcode to bypass defender (and many others?) Ace the OSEP Exam with Sliver Framework youtube.com/live/YwiSqdIhl… via YouTube

This is huge. As presented at #BlackHatEurope today, see how SafeBreach Labs researcher Alon Leviev developed a brand new set of highly flexible process injection techniques that are able to completely bypass leading EDR solutions. safebreach.com/blog/process-i…

Steam is the buggiest and biggest sack of shit, how the hell are you people still using it. Literally 2 bugs in 10min… what the goddamn hell this is almost 2024 🤦‍♂️

Potentiel shitstorm ahead: CVE-2023-51385: OpenSSH OS command injection vulnerability. Merry Christmas! vin01.github.io/piptagole/ssh/…

Inflight wifi didn't work so of course I had to debug it. It appears the problem is lack of DHCP lease. The WiFi was using 8 hour leases, which was time enough for many planeloads of passengers to embark/disembark. A quick ARP scan at the time showed there were 55 devices on the

I had a lot of fun working on this research! * Unauthenticated RCE? ✅ * Overlooked attack vector in Kubernetes? ✅ * Nginx quirks? ✅ * Stable & reliable exploit? ✅ Check out the thread for details about the vulnerability we found in Ingress Nginx Controller 👇

This is sweet, nimdump - dumping LSASS using only NTAPI functions (written in nim): NtOpenProcessToken, NtAdjustPrivilegesToken, NtGetNextProcess, NtQueryInformationProcess, RtlGetVersion, NtReadVirtualMemory, NtQueryInformationProcess,NtQueryVirtualMemory,

Evilent - a PoC tool that triggers the ElfrOpenBELW procedure in the MS-EVEN RPC interface (used for Windows Event Log service), causing the target machine to connect to an attacker-controlled SMB share github.com/Thunter-HackTe…

Impersonate another user by moving their Kerberos tickets into your logon session with lsa-whisperer by Evan McBroom. You can even move them back after you are done. Only your session will loose its tickets.

Use SuperGrok to check your C code for vulnerabilities. Here is a prompt you can give to Grok with your code. >>> You are an expert Exploit Developer with a deep understanding of the C programming language and secure coding practices. Your role is to thoroughly review the

CVE-2025-59287 … loookin awfully SUS hawktrace.com/blog/CVE-2025-…

someone built an AI RED TEAM that maps your entire attack surface as a knowledge graph, finds every vulnerability, then EXPLOITS them to root access AUTONOMOUSLY its called RedAmon, 9,000 templates. 17 node types, actual Metasploit shells, not reports, no pentesters needed 6

Kali & LLM: Completely local with Ollama & 5ire: We are extending our LLM-driven Kali series, where natural language replaces manual command input. This time however, we are doing everything locally and offline. We are using our own hardware and not… kali.org/blog/kali-llm-…