optional

2K posts

optional

@optionalctf

The proud owner of two brain cells. HTB with @barctf | OSCP, CRT, CRTL

انضم Ocak 2019

292 يتبع4.4K المتابعون

تغريدة مثبتة

optional@optionalctf·28 Şub

Introducing C2structor, a deployment tool to automate red team infrastructure within AWS. Utilising Terraform and Ansible to allow for seamless customisation to each individual's use-case. Currently supports C2 deployment, redirectors and phishing inf. github.com/optionalCTF/C2…

English

757

optional أُعيد تغريده

Ben Sadeghipour@NahamSec·11 Şub

Unfortunately most of the execs at these bug bounty platform fail to understand one thing: Your platform isn't your product... your hackers are. 🤷🏽‍♂️

English

569

29.9K

optional أُعيد تغريده

Patrik Grobshäuser@ITSecurityguard·29 Oca

built a web interface for Obsidian.md so you can access your vault from any browser using cloudflare tunnels + your own hostname. No more being stuck with notes on one machine, no installing clients on work computers you don't control 👀 👇 github.com/PatrikFehrenba…

English

6.1K

optional أُعيد تغريده

Brave@brave·13 Oca

Windows Latest@WindowsLatest

Breaking: Microsoft plans to load Copilot inside File Explorer on Windows 11. References in preview builds point to “Chat with Copilot" and “Detach Copilot" in File Explorer. Right now, Copilot in File Explorer shows up only when you right-click files and the Copilot app is installed. However, now Microsoft wants Copilot to appear within File Explorer, rather than redirecting you to a separate app. This move will make Copilot feel more native in File Explorer.

ZXX

221

1.1K

13.3K

784.7K

optional أُعيد تغريده

klez@KlezVirus·15 Ara

[RELEASE] As promised, I’m releasing the first blog post in a series. It covers the gaps still present in current stack-based telemetry and how Moonwalking can be extended to evade detection logic and reach “on-exec” memory encryption. Enjoy ;) klezvirus.github.io/posts/Moonwalk…

English

113

341

28.3K

optional أُعيد تغريده

Bobby Cooke@0xBoku·7 Kas

Venom C2 tool drop! 🐍 During a recent red team engagement we needed a simple python agent that needs no dependencies to setup persistence on some exotic boxes we landed on. Some had EDR so we didn't want anything off-the-shelf. The server, agent, and client were made mid-engagement and kept our foothold for weeks. I have no use for this anymore, so thought i'd share it instead of letting it evaporate into the /dev/null. Link to boku7/venom GitHub repo : github.com/boku7/venom

English

406

42.8K

optional@optionalctf·4 Eki

Labour's 1984 shit show is already showing cracks and backfiring. Can't wait to see the shit show Digital ID gets compromised because they rushed to implement something no one wants...

vx-underground@vxunderground

Discord has begun sending e-mails notifications about a cybersecurity incident which occurred September 20th, 2025. It appears people who submitted support tickets are the ones primarily impacted. Literally peoples entire identity stolen from this shit

English

386

optional أُعيد تغريده

Nathan McNulty@NathanMcNulty·2 Eki

It gets better ;) I totally forgot about this little persistence method, lol

Nathan McNulty@NathanMcNulty

Hahaha, wow... 😮 If you leave App passwords enabled and enforce MFA through per-user MFA, the MFA enrollment wizard actually makes the user to create an app password 🤯

English

110

15.5K

optional أُعيد تغريده

kreep@kreepsec·30 Eyl

AWS quietly updated T&Cs to ban “Fireprox”style use of API Gateway closing a handy pentest trick. @ZephrFish and @turvsec already rolled alternatives such as Omniprox and Flareprox. Banning tools only hampers legit testers, attackers will proxy anyway.

English

5.5K

optional أُعيد تغريده

Dominic Chell 👻@domchell·25 Eyl

This release is probably going to be one of our biggest and most impactful! Kudos to the team @peterwintrsmith @modexpblog @s4ntiago_p @GigelV41464 @saab_sec 🙌

MDSec@MDSecLabs

We're really bringing the 🔥 with our next Nighthawk release - Janus - nighthawkc2.io/janus/

English

100

15.2K

optional أُعيد تغريده

ThePrimeagen@ThePrimeagen·7 Eyl

i never saw this coming

English

319

1.3K

20.9K

808K

optional أُعيد تغريده

SpecterOps@SpecterOps·12 Ağu

PDQ SmartDeploy versions prior to 3.0.2046 used static, hardcoded encryption keys for cred storage. Low-privileged users could potentially access admin creds from registry or deployment files. @unsigned_sh0rt unpacks his testing in his latest blog post. ghst.ly/4mjyuvw

English

129

15.7K

optional أُعيد تغريده

Jord@0xLegacyy·12 Ağu

Developing a scriptable (pwndbg-like) debugger for windows. Few more things we need to iron out but will be releasing soon 🐸

English

165

11.5K

optional أُعيد تغريده

Adam Langley@BuildHackSecure·9 Ağu

Here’s my slides from today’s “Regex For Hackers” talk at DEFCON with @NahamSec, bookmark this for some exciting news in the near future docs.google.com/presentation/d…

English

489

35.7K

optional أُعيد تغريده

kreep@kreepsec·11 Ağu

Had an awesome time at #DefCon 33. Lots of new discoveries, first time speaking at the #redteamvillage along with @zer0phat and met lots of cool people. Looking forward to the next one!

English

449

optional أُعيد تغريده

RedTeamVillage@RedTeamVillage_·30 Tem

💻 ModuleOverride – Changing a Tyre Whilst Driving – @zer0phat & @kreepsec teach process injection using existing memory sections to run malicious shellcode. Hands-on demos and detection strategy discussions at @redteamvillage_ during @defcon 33! ⚡

English

1.1K

optional أُعيد تغريده

/ˈziːf-kɒn/@x33fcon·19 Tem

#x33fcon 2025 talks: @domchell - Hiding in Plain Sight > youtu.be/GyoxCTYPAus

YouTube

English

5.5K

optional أُعيد تغريده

vx-underground@vxunderground·15 Tem

ZXX

58.2K

optional أُعيد تغريده

watchTowr@watchtowrcyber·11 Tem

Happy Friday! We're ending the week by publishing our analysis of Fortinet's FortiWeb CVE-2025-25257.... labs.watchtowr.com/pre-auth-sql-i…

English

107

286

32K

optional أُعيد تغريده

Adam Chester 🏴‍☠️@_xpn_·11 Tem

PSA to anyone struggling, don't be told that "you're just worried", "you're just feeling sad", "you're overthinking things"... depression, anxiety, OCD, ADHD, Autism are killers. Talk, and advocate for yourself!

Adam Chester 🏴‍☠️@_xpn_

Finally landed on an OCD diagnosis yesterday, the fucking relief is unreal. Not like it's a shock, but it's been a loooooong time to get to this point. Look after your mental health h4xx0rz! youtube.com/watch?v=NDBRjB…

English

5.9K

optional@optionalctf·11 Tem

Nothing like scratching the bug bounty itch with several crits to end the night. Now to rest ready for Steelcon

English

266

اكتشف

@ZephrFish @turvsec @peterwintrsmith @s4ntiago_p @GigelV41464 @saab_sec @unsigned_sh0rt @NahamSec