NetHack is one of the most complex and longest-lived open source programs ever written, and after 46 years, v5.0 shipped today. nethack.org/common/index.htm… And ... it is a VERY cool large codebase to work with in the LLM era.

I am excited to release the seventh article in the Exploiting Reversing Series (ERS). Titled “Exploitation Techniques | CVE-2024-30085 (part 01)” this 119-page technical guide offers a comprehensive roadmap for vulnerability exploitation: exploitreversing.com/2026/03… Key features of this edition: [ ] Dual Exploit Strategies: Two distinct exploit versions using Token Stealing and I/O Ring techniques. [ ] Exploit ALPC PreviousMode Flip Token Stealing: elevation of privilege of a regular user to SYSTEM. [ ] Exploit ALPC Pipes I/O Ring: elevation of privilege of a regular user to SYSTEM. [ ] Solid Reliability: Two complete working and stable exploits, including an improved cleanup stage. [ ] Optimized Exploit Logic: Significant refinements to the codebase and technical execution for better stability and predictability. The article guides you through the two distinct techniques for exploiting the CVE-2024-30085 Heap Buffer Overflow vulnerability. I would like to thank Ilfak Guilfanov (@ilfak on X) and Hex-Rays SA (@HexRaysSA on X) for their constant and uninterrupted support, which has helped me write these articles over time. I hope this serves as a definitive resource for your research. If you find it helpful, please feel free to share it or reach out with your feedback! Enjoy your reading and have an excellent day.

Full ADWS support landed with --use-adws --obfuscate flag works surprisingly well without breaking the xml github.com/aniqfakhrul/power…

this looks quite cool from @TurvSec pentestlist.com/tools

flashingestor: A TUI for Active Directory collection. - @MacmodSec github.com/Macmod/flashinges…

Sopa - A practical client for ADWS written in Golang github.com/Macmod/sopa

A sorting algorithm walks into a bar and orders

If you want to be a better hacker, be a developer. Be an admin. Set up infra. Build coding projects. Make an app that writes to a db. Or stores cookies. Or performs auth. You will find it easier to spot the cracks and failure points in systems once you have set them up yourself.

🎉 It is finally time for a new blog post! 🎉 Join us on our deep dive into Windows Authentication Coercion and its current state in 2025, including some brand-new tooling ✨ #itsec #infosec #pentest #redteam blog.redteam-pentesting.de/2…

Thanks @Flangvik! Great content as always!!!

Great work by @c3l3si4n =)

The guys at @RedTeamPT are on fire! Check out their tools if you haven't already =)

Awesome! Congratz @RedTeamPT =)

So far I have published 13 articles (862 pages) to help other professionals in the cybersecurity community: ERS 03: exploitreversing.com/2025/01… ERS 02: exploitreversing.com/2024/01… ERS 01: exploitreversing.com/2023/04… MAS 10: exploitreversing.com/2025/01… MAS 09: exploitreversing.com/2025/01… MAS 09: exploitreversing.com/2024/08… MAS 07: exploitreversing.com/2023/01… MAS 06: exploitreversing.com/2022/11… MAS 05: exploitreversing.com/2022/09… MAS 04: exploitreversing.com/2022/05… MAS 03: exploitreversing.com/2022/05… MAS 02: exploitreversing.com/2022/02… MAS 01: exploitreversing.com/2021/12… Even though I have very limited time to write, I hope to be able to share new articles soon. Have a great day. #reverseengineering #vulnerability #research #windows #chrome #informationsecurity #infosec #kernel #drivers #malware #windows #macOS #linux

Thanks for the mention and for figuring it out @safebreach, great work! :D

Why stuff goes down, in order: - DNS edit - BGP edit - Backhoe - Certificate expiration - Squirrel - East coast flooding - Someone cybernuked Virginia - DDoS - Someone literally nuked Virginia

humorProgrammingAdvanceThisIs redd.it/1hk0ow6