Malware/Exploit development Series:- Reverse Engineering Windows Defender's Antivirus Emulator i.blackhat.com/us-18/Thu-Augu… #blackhat #talks #reverseeingineering

Black Basta Bundles BYOVD With Ransomware Payload: bit.ly/3MukIcC by Rob Wright

Breaking eBPF Security: How Kernel Rootkits Blind Observability Tools matheuzsecurity.github.io/hacking/ebpf-s… #linux

‼️ A private shellcode loader with AV/EDR bypass capabilities is being sold starting at $500 for a lifetime license. Written from scratch in C++, C, and ASM, the loader features indirect system calls, signature masking, steganography-based shellcode delivery via image files,

闲来无事，WFP可利用驱动+1 github.com/kyxiaxiang/360… 🙃

A PoC UDRL for Cobalt Strike built with Crystal Palace that combines Raphael Mudge's page streaming technique with a modular call gate (Draugr) github.com/Cobalt-Strike/…

🚨 Windows Remote Desktop Services 0-Day Vulnerability Exploited in the Wild Source: cybersecuritynews.com/windows-remote… Microsoft has patched CVE-2026-21533, a zero-day elevation of privilege vulnerability in Windows Remote Desktop Services (RDS) that attackers are exploiting in the wild

Creation of multiple Malware tools consisting of evasion, enumeration and exploitation github.com/CaptMag/MalDev

Windows Notepad App Remote Code Execution Vulnerability PoC, github.com/BTtea/CVE-2026…

🚨 CISA Adds Six Microsoft 0-Day Flaws to KEV Catalog Following Active Exploitation Source: cybersecuritynews.com/microsoft-0-da… CISA has urgently expanded its Known Exploited Vulnerabilities (KEV) Catalog by adding six zero-day vulnerabilities, all affecting Microsoft products. This move

CobaltStrike-Linux-Beacon - Proof of Concept (PoC) implant for creating custom Cobalt Strike Beacons github.com/EricEsquivel/C… #redteam

🚨 Microsoft Office Word 0-day Vulnerability Actively Exploited in the Wild Source: cybersecuritynews.com/microsoft-offi… A critical zero-day vulnerability in Microsoft Word, tracked as CVE-2026-21514, was disclosed on February 10, 2026, allowing attackers to bypass essential security

Public PoC released for Windows Storage flaw. Attackers can gain SYSTEM privileges via WUDFHost.exe. Patch Windows 11 immediately. #WindowsSecurity #CVE #ExploitCode #InfoSec #CyberSecurity #SysAdmin #PatchTuesday securityonline.info/exploit-code-r…

Exploiting Reversing (ER) series: article 06 | A Deep Dive Into Exploiting a Minifilter Driver (N-day) exploitreversing.com/2026/02/11/exp…

CVE Database fedisecfeeds.github.io

OysterLoader multi-stage evasion loader -- blog.sekoia.io/oysterloader-u…

vx-underground PoC: github.com/dogukankurnaz/…

Huginn Project: Project to generate COFF-format shellcode with API for : - Indirect syscall API - Stack Spoofing - Proxied LoadLibraryA calls Great for UDRLs, stage0 and OPSEC-conscious shellcode. github.com/NtDallas/Huginn

🚀 PPLReaper Release Windows kernel driver + userland tool to inspect and manipulate Protected Process Light (PPL): • Query PPL • Remove PPL • Assign PPL github.com/S12cybersecuri… ⚠️ The driver must be properly signed or the system must be in Test Mode

It turns out that when I published my EDR Silencing article, I completely missed this repo. 🛠️ github.com/0xJs/BlockEDRT… 💡 It appears to rely on the same APIs, so the detection logic remains the same. 📝 ipurple.team/2026/01/12/edr…