sailay(valen)

I just created the tool which can help to get NT AUTHORITY\SYSTEM from arbitrary directory creation bugs. github.com/binderlabs/Dir…

@bugch3ck yes

@404death Does that include arbitrary read of locked files? 🤔

just weaponized ... arb file read to nt system. xD

As promised, here is the weapon that u can use your arb file read eop bug to nt system. github.com/sailay1996/vss…

Building the 0-Day Machine: Autonomous Vulnerability Research with Claude Code & MCP. 🤖💀 blog.zsec.uk/bullyingllms/

In response to CVE-2026-33825 (BlueHammer patch), The RedSun, a new unpatched windows defender EoP vulnerability has been publicly disclosed and can be found here - deadeclipse666.blogspot.com/2026/04/public…

New Mimikatz Researchers took an old version of Mimikatz and taught it how to dump credentials from the latest operating systems! The research: @tanrikuluatahan/fixing-mimikatz-sekurlsa-logonpasswords-on-windows-11-24h2-25h2-253e82866197" target="_blank" rel="nofollow noopener">medium.com/@tanrikuluatah… The repo: github.com/tanrikuluataha… #redteam #pentesting

As promised, UnDefend Denial of Service PoC for windows defender. deadeclipse666.blogspot.com/2026/04/funny-…

I’ll drop the PoC once it’s stable to use.

Publicly disclosing the bluehammer exploit, at the time of writing this, this vulnerability is still unpatched. Full PoC source can be found here - deadeclipse666.blogspot.com/2026/04/public…

Having AI feels like a cheat code, since we used to struggle to learn new things and get things done on our own.

Imagine leaked Claude code getting forked into tons of versions… what if some of them got C2 payloads slipped in?

Released WinDbg MCP — attach Claude (or any LLM) to a live Windows process and let it poke around. set breakpoints, read memory, walk the stack, load crash dumps. 55 tools over MCP. github.com/gengstah/windb…

I gathered ALL claude code's system prompts/prompts for agents in a repository: github.com/Leonxlnx/claud…

For a deeper look into this zero-day vulnerability, including the full root-cause analysis, proof of concept, exploitation, and patch analysis, check out our newly published blog post: zellic.io/blog/pwning-v8…

SOMEONE DROPPED A FULLY JAILBROKEN, OPEN-SOURCE, PRE-BUILT IOS 26 VIRTUAL MACHINE Repo: github.com/34306/vphone-a…

Stop asking LLMs to “find vulns.” Start using them to understand code. @Sw4mp_f0x walks through using Claude Code as a force multiplier in app assessments - faster analysis, fewer false positives, better outcomes. Check it out: ghst.ly/4rA3uJd

AI reverse engineering assistant for IDA Pro github.com/mrexodia/ida-p…

An automated N-day research pipeline at PwnFuzz. Ghidra + Ollama + n8n →Diffs Patch Tuesday binaries → LLM analyzes the output → Structured vuln reports, monthly AI-generated reports gets you oriented fast! Blog: ghostbyt3.github.io/blog/nday-rese… Repo: github.com/ghostbyt3/nday…

Fuzzing for Security Researchers 🤠 Starting with basic and fuzz testing in Foundry, then moving to stateful fuzzing with Echidna, Alex shows how stateless and stateful fuzzing can uncover bugs that traditional imperative tests often miss youtu.be/3A7aa5B8aak

Reverse Engineering a DOS Game with Ghidra and Codex alexbevi.com/blog/2026/03/1…