nol

@nol_tech

Infosec

🟨⬜️🟪⬛️ Joined September 2020
765 Following · 773 Followers
nol retweeted
Alexandre Borges
Alexandre Borges@ale_sp_brazil·
The Exploiting Reversing Series (ERS) currently features 945 pages of exploit development based on real-world targets:

[+] ERS 08: exploitreversing.com/2026/03/31/exp…
[+] ERS 07: exploitreversing.com/2026/03/04/exp…
[+] ERS 06: exploitreversing.com/2026/02/11/exp…
[+] ERS 05: exploitreversing.com/2025/03/12/exp…
[+] ERS 04: exploitreversing.com/2025/02/04/exp…
[+] ERS 03: exploitreversing.com/2025/01/22/exp…
[+] ERS 02: exploitreversing.com/2024/01/03/exp…
[+] ERS 01: exploitreversing.com/2023/04/11/exp…

In the coming weeks, I will publish new articles covering exploration in areas such as Windows, Chrome, iOS/macOS, and hypervisors.

Have a great day and enjoy reading.

#exploit #exploitation #windows #chrome #macOS #iOS #hypervisors #vulnerabilityresearch
nol
nol@nol_tech·
@payloadartist it is LLM's advantage is massive quantity over quality
nol retweeted
chompie
chompie@chompie1337·
this is legit the most impressive part. the exploit is nothing lol
h0mbre@h0mbre_

@moyix i can't believe you can get these old environments set up

nol
nol@nol_tech·
@lildylannn did you check if `winget configure --enable` has to have been run first on the machine for this to work? I encountered this issue where if you use winget's DSC thing on a fresh computer that never used winget it would not run at all.
nol
nol@nol_tech·
@lildylannn I used this winget DSC thing for initial access and persistence recently and it seems to be fairly reliable
dylan davis
dylan davis@lildylannn·
I just dropped some research: DSCourier, and would love your opinion and for you to check it out!! It’s a novel post-exploitation technique abusing WinGet’s COM API to execute code through Microsoft-signed binaries. GitHub: github.com/DylanDavis1/DS… Blog: dylansec.com/DSCourier/
nol retweeted
solst/ICE of Astarte
solst/ICE of Astarte@IceSolst·
🚨‼️We have published a guide on mitigating the imminent AI security apocalypse Step #1: buy our tool Golden age of snake oil I stg. And the ‘tool’ is a prompt.
nol retweeted
SwiftOnSecurity
SwiftOnSecurity@SwiftOnSecurity·
When I started out in Security I was worrying about Chinese government 0days, as we ran unpatched XP SP2 with local admin set to "everyone."
John Hammond
John Hammond@_JohnHammond·
@AzakaSekai_ WELL i meaaaann does directly opening it count??? 😂
nol retweeted
SkelSec
SkelSec@SkelSec·
@UK_Daniel_Card pypykatz had this logic implemented since last year, most of this article is just porting that logic to mimikatz... without mentioning me. Again. At this point this is a running joke that I'm getting 0 fucking kudos either deliberately or by "forgetting"
nol
nol@nol_tech·
@vxunderground saw multiple exploit devs saying it was likely them, but I don't have more intel
vx-underground
vx-underground@vxunderground·
Another zero day exploit released by some nerd (can't remember name right now) because they're annoyed with Microsoft. It's been confirmed by other nerds. It is yet another legit zero day. Whew. github.com/Nightmare-Ecli…
nol
nol@nol_tech·
@vxunderground pretty sure the nerd in question is sandboxescaper who used to work at msft but got fired for whatever stupid reason
vx-underground
vx-underground@vxunderground·
> be random nerd
> find zero day
> report to Microsoft
> microsoft being dumb
> (idk the lore lol)
> doesn't pay
> nerd get mad
> ooga booga
> drops zero day
> something else happens
> microsoft doesn't pay (again)
> nerd get mad (again)
> drops zero day
> pic related?
nol
nol@nol_tech·
2) Deep Blue: A mixed client and server-side challenge involving client-side path traversal and a deep dive into PHP's source code to find parser discrepancies between PHP's and V8's JSON parsers for smuggling a JSON file as an image: - palm-screw-745.notion.site/Deep-Blue-33f5…
nol
nol@nol_tech·
1) Secure Mood Notes: A two-part challenge involving achieving a blind file read via an injection in a .htaccess file, bypassing signature-based PHP hardenings on unserialize, and escaping a disable_functions PHP sandbox: - palm-screw-745.notion.site/Secure-Mood-No… 🔽
nol
nol@nol_tech·
I just published my two writeups for this year's FCSC web challenges, I did my best to make them as exhaustive and detailed as possible: 🔽🔽🔽
keddy
keddy@deepdark888·
@payloadartist Bro, not knowing cpp, java and python but expecting to understand IDA ?? Btw, IDA pro is expensive. I’d prefer ghidra
nol
nol@nol_tech·
U+00AF resignation