WBG (@wbgiil) 's Twitter Profile
ID: 831880573375221761

Link: http://wbglil.github.io

15-02-2017 14:59:19

1,1K Tweet

586 Followers

2,2K Following

Theori (@theori_io)

The third series in our N-Day full chain exploit is out now! blog.theori.io/chaining-n-day… We exploited CVE-2023-29360, a beautiful logical vulnerability in the Windows driver, to elevate the privilege from user to SYSTEM. It was also leveraged by Synacktiv at Pwn2Own 2023

Matthew Green is on BlueSky (@matthew_d_green)

Telegram has launched a pretty intense campaign to malign Signal as insecure, with assistance from Elon Musk. The goal seems to be to get activists to switch away from encrypted Signal to mostly-unencrypted Telegram. I want to talk about this a bit. 1/

OtterHacker (@otterhacker)

Just finished redeveloping the Rubeus monitor plugin in C to avoid uploading a full Rubeus to exploit unconstrained delegation. For now I have the : - List/Inject/Dump tickets - AskTGT/AskTGS - TGTDeleg All the exe file are less than 20KB which is really nice.

Kostas (@kostastsale)

🐧 It’s finally here! 🔍 The Linux EDR Telemetry Project results are live! After months of testing and collaboration, we’re excited to share how well EDR solutions handle Linux visibility. Thank you to everyone who contributed, shared feedback, and supported the project! Your

Cos(余弦)😶‍🌫️ (@evilcos)

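We have released the 2024 Blockchain Security and Anti-Money Laundering Annual Report 😶‍🌫️ 🇨🇳 Chinese: slowmist.com/report/2024-Bl… 🇬🇧 English: slowmist.com/report/2024-Bl… I won't say much else, but one point deserves special mention: with the strong support of the InMist intelligence network partners, in 2024 SlowMist helped clients, partners and publicly disclosed hack incidents freeze funds totaling more than 112 million US dollars. Thank you, and the fight continues! 🔥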

mpgn (@mpgn_x64)

So you want to exploit ADCS ESC8 with only netexec and ntlmrelayx ? Fear not my friend, I will show you how to do it 👇 NetExec now supports "Pass-the-Cert" as an authentication method, thanks to Dirk-jan original work on PKINITtools ⛱️

GeoSn0w (@fce365)

The fact that rednote's 小红书 (TikTok alternative)'s app literally contains the "backdoor" in several places in the app code is hilarious. Probably fallback protocols, but boy they didn't even try! 🤣

hasherezade (@hasherezade)

In case if you wonder what broke #ProcessHollowing on Windows 11 24H2, I have something for you: hshrzd.wordpress.com/2025/01/27/pro…

Logan Goins (@_logangoins)

Introducing Stifle! A super simple .NET tool I spun up these past few days for abusing explicit strong certificate mappings leading to impersonation in Active Directory! Based off the research and powershell tools by Jonas Bülow Knudsen and SpecterOps last year. github.com/logangoins/Sti…

Soroush Dalili (@irsdl)

I have launched YSoNet (ysonet.net) and added #SharePoint CVE-2025-49704 payload generator to it as the first thing. Here is how this can work: Running command: ``` ysonet.exe -p sharepoint --cve=CVE-2025-49704 -var 1 -c "calc" ``` Running C# code: ``` ysonet.exe

Orange Cyberdefense's SensePost Team (@sensepost)

Reverse engineering Microsoft’s SQLCMD.exe to implement Channel Binding support for MSSQL into Impacket’s mssqlclient.py. Storytime from Aurelien (Aurélien Chalot), including instructions for reproducing the test environment yourself. (link below)

adam_cyber (@adam_cyber)

The 2025 CrowdStrike Threat Hunting Report was released today. The OverWatch team did an incredible job stopping an unprecedented number of threats in the last year, Cloud intrusions are up 136% with China based cloud intrusions up 40%! Get the report: crowdstrike.com/en-us/blog/cro…

Dark Web Informer - Cyber Threat Intelligence (@darkwebinformer)

LeakBaseCTI: Targeted framework for investigating OSINT-related threat actors and reconstructing LeakBase datasets. GitHub: github.com/VECERTUSA/Leak…

Ron BY (@ronb_y)

Speaking at DEF CON was as fun as always! My new tool called RPC-Racer is now available. It masquerades as a legitimate RPC server to force a protected process to authenticate against an arbitrary server github.com/SafeBreach-Lab…

ZachXBT (@zachxbt)

1/ An unnamed source recently compromised a DPRK IT worker device which provided insights into how a small team of five ITWs operated 30+ fake identities with government IDs and purchased Upwork/LinkedIn accounts to obtain developer jobs at projects.

Aniq (@aniqfakhrul)

Powerview 2025.1.5: Added --obfuscate flag to obfuscate ldap filters and base DN. This is heavily inspired by github.com/Macmod/ldapx obfuscation logic by Artur Marzano Credits to the original research "MaLDAPtive" by Sabi and Daniel Bohannon
