Infosec. Fuck around, find out. All tweets are my own.

Joined February 2011
v1n3gr3p retweeted
New #redteam tool for blocking EDRs: EDRChoker Instead of fully blocking the EDR agents' connections to their server, we can throttle their bandwidth so they consistently time out when sending data, which is effectively the same as blocking but avoids triggering "block" or "drop" packet events #pentest #cybersecurity Github: TwoSevenOneT/EDRChoker
24
179
758
111,000
v1n3gr3p retweeted
Modern C2 implants use sleep masking & metamorphic code to stay hidden. We’re revealing how to unmask them using low-level runtime telemetry (ETW & CPU profiling) live in production including a POC with a lightweight sensor. My team will be presenting our research at x33fcon: x33fcon.com/#!s/SebastianFel…
7
64
378
28,117
v1n3gr3p retweeted
🔐 Releasing LUKSbox: encrypted vaults that survive the next decade. Drop sensitive files on any cloud or USB. The provider gets one random-looking blob they can't read, even under subpoena. ✅ FIDO2 (YubiKey, Titan, Nitrokey, Windows Hello) ✅ TPM 2.0 keyslots ✅ Post-quantum hybrid (ML-KEM-768/1024 - FIPS 203) ✅ Detached header → zero metadata on the container ✅ Linux / macOS / Windows ✅ Rust, Apache-2.0, 30M fuzz iterations v0.1.0 is out! 👉 github.com/PentHertz/LUKSbox #infosec #encryption #postquantum #FIDO2 #rust #opensource #cryptography #penthertz
30
181
1,003
59,609
v1n3gr3p retweeted
May 8
EDR Tradecraft: Internals, Detection, Evasion & Advanced Research TL;DR: Covers kernel callback APIs, file-system mini-filters, ETW providers, the four-detection-engine model, syscall gates, sleep obfuscation, call stack spoofing, ETW-TI HWD and more .... 0xdbgman.github.io/posts/edr…
1
57
221
10,150
v1n3gr3p retweeted
In response to CVE-2026-33825 (BlueHammer patch), RedSun, a new unpatched Windows Defender EoP vulnerability, has been publicly disclosed and can be found here - deadeclipse666.blogspot.com/…

11
88
392
67,408
v1n3gr3p retweeted
In collaboration with a couple of other leaders in the industry we are releasing SecurityTitles.com - it's an attempt to provide transparency about role levels, expectations and salary ranges (currently just for the US market). For leaders writing JDs and candidates alike.

18
69
327
32,321
v1n3gr3p retweeted
Someone built a device that detects when feds are spying on your phone nearby. It's called Rayhunter, made by the EFF, and it costs $20: you buy a cheap mobile hotspot from Amazon, flash it with their open-source software, and carry it in your pocket. Feds use devices called stingrays that pretend to be real cell towers so your phone connects to them instead; once connected they can track your exact location, grab your phone's identity, and potentially intercept your calls and messages. Counter-surveillance equipment used to cost thousands of dollars and required serious technical knowledge; now it's $20 and fits in your pocket.
144
2,511
13,386
575,353
v1n3gr3p retweeted
New post on the MDSec blog and another Windows EoP.... RIP RegPwn - mdsec.co.uk/2026/03/rip-regp… Saying goodbye to a much loved EoP, by @filip_dragovic
5
93
275
36,891
v1n3gr3p retweeted
Mar 5
Your EDR just coerced itself. 🫠 Drop a crafted LNK → MsSense.exe makes a CreateFile call → machine account hands over its Net-NTLMv2 hash over WebDAV → relay to LDAP → Shadow Credentials or RBCD. No user interaction. No exotic exploit. Just vibes and a shortcut file. If you're running Microsoft Defender for Endpoint, this one is literally about you. 👀 Full attack detection breakdown 👇 youtu.be/30Qiq_Gt_bA #purpleteam #MDE #NTLMcoercion #detectionengineering
7
96
426
34,907
v1n3gr3p retweeted
404 page to RCE. A report by @spaceraccoonsec He chained two old CVEs to achieve RCE: - Found a 404 page mentioning an obscure CMS, discovered /josso/signin login - Triggered CVE-2007-0450 (directory traversal in mod_proxy) using a \../ to bypass the internal proxy - Reached an unprotected JBoss web console on localhost (CVE-2007-1036) - Exploited Java deserialization with jexboss tool for full RCE Full report 👇 hackerone.com/reports/502758
12
86
725
37,027
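The step in the chain that is easiest to get wrong when reproducing it is the `\../` bypass: the front-end proxy only treats `/` as a path separator when it decides whether a request stays under the public prefix, while the backend treats `\` as a separator as well, so the same string means two different paths to the two components (that separator disagreement is what CVE-2007-0450 was about). The following is an added model of that disagreement, not code from the HackerOne report, Apache or JBoss; the public prefix `/josso/`, the internal target `/web-console/` and the request strings are constructed for illustration, and the "fixed" check is one reasonable hardening, not a vendor patch.

```python
import posixpath
from typing import Dict, Tuple

# Constructed front-end rule (hypothetical): only requests under the public
# single-sign-on prefix may be forwarded to the internal application server.
PUBLIC_PREFIX = "/josso/"


def frontend_forwards(path: str) -> bool:
    """Naive proxy check: normalise '/' segments only, then test the prefix.

    posixpath.normpath collapses '/../' but knows nothing about '\\', so a
    segment written as '\\..' survives normalisation and the prefix check
    still passes. This mirrors the proxy side of the separator disagreement.
    """
    normalised = posixpath.normpath(path)
    return normalised.startswith(PUBLIC_PREFIX)


def backend_resolves(path: str) -> str:
    """Backend-style resolution: '\\' is a separator too, so '\\..' pops a segment."""
    return posixpath.normpath(path.replace("\\", "/"))


def simulate(path: str) -> Tuple[bool, str]:
    """Return (did the proxy forward it, what the backend would actually serve)."""
    return frontend_forwards(path), backend_resolves(path)


def frontend_forwards_fixed(path: str) -> bool:
    """Hardened check: canonicalise exactly the way the backend will, then decide,
    and refuse anything carrying a backslash at all (a defence-in-depth choice
    made for this example, not a recommendation from the report)."""
    if "\\" in path:
        return False
    return backend_resolves(path).startswith(PUBLIC_PREFIX)


# Constructed request paths.
ATTACK = "/josso/\\../web-console/"      # the '\..' trick
NAIVE = "/josso/../web-console/"         # plain '..' is caught by the proxy
BENIGN = "/josso/signin"                 # the login page seen in the report


def summary() -> Dict[str, Tuple[bool, str]]:
    """Run all three constructed requests through the naive proxy + backend pair."""
    return {name: simulate(p) for name, p in (("attack", ATTACK), ("naive", NAIVE), ("benign", BENIGN))}


if __name__ == "__main__":
    for name, (forwarded, served) in summary().items():
        print(f"{name:7s} forwarded={forwarded!s:5s} backend serves {served}")
```

The naive proxy forwards the `\../` request because after its own normalisation the path still starts with `/josso/`, while the backend collapses the same bytes to `/web-console`, which is how an unprotected localhost-only console becomes reachable from outside. The hardened check canonicalises with the backend's rules before deciding, so the two components can no longer disagree about where the request lands.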
v1n3gr3p retweeted
Feb 1
Malware Development Basics: DLL Injection EDR Evasion: Hiding an elephant in the closet fluxsec.red/dll-injection-ed…
2
77
458
18,100
v1n3gr3p retweeted
Hey guys! Here’s my latest research. I've dubbed it: Living off the Process😺. I wanted to leverage already existing artifacts in a remote process to execute shellcode. We will hunt for ROP gadgets, assembly stubs, preexisting RWX memory, etc! g3tsyst3m.com/lotp/Living-of…
3
88
263
15,188
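The first step of hunting for reusable artifacts in a remote process is scanning its executable memory for gadgets. The scanner below is an added example written for this page, not code from the Living off the Process post: it walks a byte region looking for a handful of x86-64 patterns (`pop r?? ; ret`, `syscall ; ret`, `jmp rax`, bare `ret`) and records where they live, then packs a minimal chain from what it found. The region bytes are constructed and embedded so the example runs offline; in a real hunt the buffer would come from reading the target's executable or RWX pages, and a disassembler would replace the small opcode table used here.

```python
import struct
from typing import Dict, List

# Constructed sample region standing in for a page read out of a remote process.
# Gadget bytes are planted at known offsets (everything else is NOP padding):
#   0x10: 5f c3       pop rdi ; ret
#   0x20: 41 5c c3    pop r12 ; ret   (the unaligned decode at 0x21 is pop rsp ; ret)
#   0x30: 0f 05 c3    syscall ; ret
#   0x40: ff e0       jmp rax         (handy for pivoting into pre-existing RWX memory)
REGION = bytearray(b"\x90" * 0x50)
REGION[0x10:0x12] = b"\x5f\xc3"
REGION[0x20:0x23] = b"\x41\x5c\xc3"
REGION[0x30:0x33] = b"\x0f\x05\xc3"
REGION[0x40:0x42] = b"\xff\xe0"

# pop r?? encodes as 0x58 + register index; REX.B (0x41) selects r8-r15.
REG64 = ["rax", "rcx", "rdx", "rbx", "rsp", "rbp", "rsi", "rdi"]
REG64_EXT = ["r8", "r9", "r10", "r11", "r12", "r13", "r14", "r15"]


def find_gadgets(region: bytes, base: int = 0) -> Dict[str, List[int]]:
    """Scan `region` for a small set of gadgets; return name -> list of absolute addresses.

    Every offset is tried, not just instruction boundaries, because unaligned
    decodes are legitimate gadgets too (see the pop rsp ; ret hiding at 0x21).
    """
    found: Dict[str, List[int]] = {}

    def add(name: str, off: int) -> None:
        found.setdefault(name, []).append(base + off)

    n = len(region)
    for i in range(n):
        b = region[i]
        # pop rXX ; ret  ->  58+r c3
        if 0x58 <= b <= 0x5F and i + 1 < n and region[i + 1] == 0xC3:
            add(f"pop {REG64[b - 0x58]} ; ret", i)
        # REX.B pop r8..r15 ; ret  ->  41 58+r c3
        if b == 0x41 and i + 2 < n and 0x58 <= region[i + 1] <= 0x5F and region[i + 2] == 0xC3:
            add(f"pop {REG64_EXT[region[i + 1] - 0x58]} ; ret", i)
        # syscall ; ret  ->  0f 05 c3
        if b == 0x0F and i + 2 < n and region[i + 1] == 0x05 and region[i + 2] == 0xC3:
            add("syscall ; ret", i)
        # jmp rax  ->  ff e0
        if b == 0xFF and i + 1 < n and region[i + 1] == 0xE0:
            add("jmp rax", i)
        # bare ret, the anchor every other gadget ends in
        if b == 0xC3:
            add("ret", i)
    return found


def build_chain(gadgets: Dict[str, List[int]], rdi_value: int, target: int) -> bytes:
    """Pack the smallest useful chain: pop rdi ; ret -> rdi_value -> target.

    Returned as little-endian qwords, i.e. the layout that would be written over
    a return address (or into a hijacked stack) in the remote process.
    """
    pop_rdi = gadgets["pop rdi ; ret"][0]
    return b"".join(struct.pack("<Q", q) for q in (pop_rdi, rdi_value, target))


if __name__ == "__main__":
    base = 0x7FF600000000  # constructed module base
    for name, addrs in sorted(find_gadgets(bytes(REGION), base).items()):
        print(f"{name:16s} " + ", ".join(hex(a) for a in addrs))
```

The same loop run over a real module's `.text` (or over an RWX region found while enumerating the target) yields the address list that the rest of the technique composes into a chain; rebasing is just the `base` argument, since the offsets are relative to the start of whatever buffer was read.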
v1n3gr3p retweeted
#Voidlink, A new era of malware has arrived! We discovered that the framework was built nearly end-to-end using agentic AI. It stands as an alarming example of what experienced actors are capable of using artificial intelligence. research.checkpoint.com/2026…
2
70
165
16,720
v1n3gr3p retweeted
28 Oct 2025
Small update on "printerbugnew": added a description of how to exploit CVE-2025-54918: DCs running 2025 allow reflection RPC->LDAPS - from a standard user to DA before patch😃 github.com/decoder-it/printe…
2
96
306
17,909
v1n3gr3p retweeted
Dumping LSASS is old school. If an admin is connected on a server you are local admin on, just create a scheduled task asking for a certificate on his behalf, get the cert, get its privs. All automated in the schtask_as module for NetExec 🥳🥳🥳
7
299
1,369
71,563