luks

Amazing episode with @PortSwiggerRes's @albinowax. Back when I started the pod in 2023, I envisioned episodes just like this. High signal, technical, depthful. If you're gonna catch any episode of CTBB, this would be a good one: youtu.be/aVfhWj3z6gk

BEFORE LE HACK 2025 | PROGRAMME OFFICIEL Nous dévoilons enfin le programme de notre Before LeHack du 26 juin à l'@ESGI. Osint-Fr, Hack the Box Meetup : France et les BrHackeuses vous ont concocté une soirée d'exception entre passionnés d'OSINT.

Today I used a technique that’s probably not widely known in the community. In what cases could code like this lead to a vulnerability? ->

Video demo of bypassing Windows Defender App Control with Loki C2! Blog with details coming in 1-2 weeks. Yes -- @d_tranman and I created an entire C2 in JavaScript and it bypasses all the things 🥷🧙‍♂️🪄

GOAD Writeup - Part 14: ADCS – The Rest Exploiting ESC 5, 7, 9, 10, 11, 13, 14, and 15 in Game of Active Directory. mayfly277.github.io/posts/ADCS-par…

Le prochain meetup aura lieu ce lundi 24/02👾 Au programme : - Pwn2Own Ireland : Retour d’expérience par @ImNotFl0 @___t0___ @MajorTomSec On recherche un 2ieme talk pour les accompagner, go dm 👀 📍Boulangerie Bar - 24/02 à partir de 19h (Salle du bas) #Cyber #infosec

Hello ! Rendez-vous ce lundi 25/11 pour le meetup de Novembre ! 👾 Au programme avec @Lefnui : - Analyse de la bootrom iOS 📍Boulangerie Bar - 25/11 à partir de 19h (Salle du fond) #Lille #Cyber #infosec

We're proud to announce LIGHTYEAR, a tool that let you dump files, blind, in PHP, based on a new algorithm. ambionics.io/blog/lightyear…

🔥💀After 40 hours of constant reversing of weird looking c++ and no sleep, I Finally cooked the CVE-2024-47575 fortimanager unauthenticated RCE 🩸

Right before #Pwn2Own Ireland 2024, @Creased_ found a vulnerability in Synology TC500 & BC500 security cameras. A blind format string exploit allowed code execution, but Synology patched it, securing the devices in time for the competition. synacktiv.com/publications/e…

A few months ago I've created a "Pefect DLL Loader". You can find some details on my article that was just published today ! The full implem can be found directly in the @defcon workshop in my github ! Hope you will learn something in this 😊 riskinsight-wavestone.com/en/2024/10/loa…

Made a cheatsheet list with all my most posts that match up to @TJ_Null's list of HackTheBox machines that are helpful with various OffSec exams. Currently covers three versions of OSCP, OSEP, and OSWE. 0xdf.gitlab.io/cheatsheets/of…

During a recent engagement, @Bandrel discovered how an attacker can craft a CSR by using default system certificates. After finding out this method was novel, the team kept digging. Read what they found in our new #blog! hubs.la/Q02SCqpG0

🌧️ On a rainy day, I dove into Pokémon Yellow glitches. Ever wondered how they work under the hood? As kids, we were already hackers manipulating bits in memory! 🔍👾 Read more in my latest blog post: swisskyrepo.github.io/Pokemon-Glitch…

Hello there La Defcon fait sa rentrée aussi ! Le prochain meetup aura donc lieu le 30/09👾 Nous recherchons un dernier talk/rump/workshop pour cette édition. Dm open 📍Boulangerie Bar - 30/09 à partir de 19h #Lille #Cyber #pentest #infosec

Google actually sponsored these courses because they want more Bug hunters to hunt for Android bugs. And my report shows that these courses can work! This sponsorship also means that you do not need a Hextree subscription to watch this content ;) hextree.io/hextree-x-goog…

Wrote a blog post on abusing exclusions to evade AVs/EDR which is stealthy, effective and an often overlooked topic. medium.com/seercurity-spo…

🚨SAVE THE DATE! 🚨 The 2nd Pwn conference of the month is coming up! @voydstack, Security Expert at @Synacktiv and active on Root-Me, will be hosting a live session on Heap exploitation this Friday 16 August at 8pm (UTC+2). 🔥Don't miss this analysis of memory management vulnerabilities! 💥 Join us on Twitch: twitch.tv/rootme_org

The official PortSwigger Discord is now open! 🎉👾 Join for access to exclusive events, feature previews, research releases, and to hang out with Burp Suite developers. Join for free here: discord.com/invite/portswi…

Don't miss out on @albinowax Listen to the Whispers white paper 👀 ow.ly/l1lK50STBz8 ow.ly/XZ7o50STBz7