Stop wasting your time on Netflix, @OrangeCon_nl 🍊 has released this year’s talks. I’d recommend watching @pop_rbx research on remote and silent installation of extensions in Chromium browsers 🔥 LSASS is dead, long live the browsers ! youtu.be/DquDszi72EU

ProxyBlob is alive ! We’ve open-sourced our stealthy reverse SOCKS proxy over Azure Blob Storage that can help you operate in restricted environments 🔒 🌐 github.com/quarkslab/proxybl… Blog post for more details right below ⬇️

This series of posts is aimed at people who are new to the red teaming and malware developement fields. The goal is to explain some techniques and their sub-techniques based from the MITRE ATT&CK Framework. Let's start by the infamous Process Injection :

🦇 Introducing "Batblog", a free easy level Linux machine designed to be vulnerable. Your mission is to exfiltrate the 2 flags (user.txt & root.txt). Start this machine here : training.cyberwave.network

After two years of hard work with @virtualabs , we are proud to release for DEFCON32 the first public version of WHAD, a whole new ecosystem of opensource libs, tools & firmwares for wireless security ! The main repo is here: github.com/whad-team/whad-cl… . And now, demo time ! [1/n]

Henlo ! 🧙 Vous vous êtes déjà demandé si un super tool un peu obscure a déjà été présenté ? Si un article a déjà été décortiqué ? Si une technique d'exploitation a déjà été introduite ? Ou même si nos chercheurs et hunters adorés ont déjà été invités à partager leurs recherches ? En bref : la recherche youtube vous frustre ??? 🤔 C'est maintenant possible ET rapide à vérifier ! 🥳 A l'aide de nos meilleurs ingénieurs (haha), et de 50 lignes de python (hehe) : Vos plus grand rêves sont maintenant réalité ! 💝 - docs.google.com/spreadsheets… - gitlab.com/TheLaluka/yt-tls-… NB: Frontend non contractuel, il viendra.. Some day ! 🙃

We asked our community to select a new name for our cyber training platform and here it comes with a refreshed look 🏴‍☠️ Check this out : training.cyberwave.network Stay 1337 and tuned for upcoming challenges, vulnerable machines and CTF events !

Hello world 👋 In 2022, @0xNarek and I studied an APT named Serpent Group that has been discovered by @proofpoint and @VMware TAU. This threat actor targeted numerous french government entities during the 2022 presidential campaign. We reproduced their TTPs and came up with our own custom Serpent C2 Server. github.com/VirtualSamuraii/s…

Is remote code execution in UEFI firmware possible? Yes it is. Meet #PixieFAIL: 9 vulnerabilities in the IPv6 stack of EDK II, the open source UEFI implementation used by billions of computers. Full details by @fdfalcon and @4Dgifts in our new blog post: blog.quarkslab.com/pixiefail…

Salut, shalom, salam camarades. Voici la 3eme partie de la série « Anatomie des EDR ». Cette fois ci, on va voir les processus, services, PPL et clés de registre Windows, utilisés par un EDR. virtualsamuraii.github.io/re… #redteam #windows #edr #maldev

I've just started a blog on #maldev and #redteaming. Nothing fancy yet, just me trying to see if I've understood correctly. The first post is about a custom version of GetModuleHandle and GetProcAddress in #go. Check it out: blog.atsika.ninja/posts/cust…

Hello, Voici la partie 2 de la série d’articles Anatomie des EDR. Cette fois ci, on va voir le fonctionnement des drivers d’un EDR avec plus de détails (kernel, callbacks, minifilters, etc). virtualsamuraii.github.io/re… #redteam #maldev #edr #blueteam

Salut salut, Voici un premier article que j’ai pondu pour décrire de manière très vulgarisée ce qu’est concrètement un EDR. J’ai pris #SentinelOne en exemple car il est considéré comme étant l’un des leaders. virtualsamuraii.github.io/re… #redteam #maldev

I was playing with some AMSI bypass techniques and came across this talk blackhat.com/asia-22/briefin… by @maorkor I decided to implement AMSI context structure patching in current or remote process in #Go

When your code works, but you have no idea how

New CrackMapExec module to dump Microsoft Teams cookies thanks to @KuiilSec contribution✌️ You can use them to retrieve informations like users, messages, groups etc or send directly messages in Teams 🔥 Initial discovery by @NoUselessTech 🪂

zoczus.blogspot.com/2014/05/… XSS via reverse DNS. Haven't tried yet. #BugBounty #bugbountytips #bugbountytip @XssPayloads @theXSSrat

POV: you work in cyber security

Successfully reproduced the Gitlab Project Import RCE (CVE-2022-2185) Got headache while reading Ruby for last 2 weeks, but it worth definitely digging in Have good read! starlabs.sg/blog/2022/07-git…

Playing around with #FlipperZero. @FordFrance is that normal ?