Pinned Tweet
CryptoCat
7.9K posts

CryptoCat
@_CryptoCat
Security Researcher @rapid7 😈 Hacking Content @ https://t.co/U7jVhNr9sC 💜
Not Here · Joined May 2016
220 Following · 8.5K Followers

@watchtowrcyber Maybe that explains the mystery disappearance from @yeswehack 😅 Looking forward to this one! 👀
CryptoCat retweeted

We had to release this one before @rez0__'s brain started returning 429s.
Everything you always wanted to know about using AI to help you hack.
...or is it you who's helping the AI? 👀
youtu.be/qTX9u-EsjmM


@albinowax Gonna keep guessing LLM hacking, maybe one day I'll be right! 😅
CryptoCat retweeted

We got frustrated with dealing with vendor dependencies when reverse engineering large applications. @ITSecurityguard from @SLCyberSec’s Sec Research Team built Hyoktesu to solve this problem forever: github.com/assetnote/hyok… - releasing this today! Blog: slcyber.io/research-cente…
CryptoCat retweeted

Spent a week testing AI for vulnerability research. 14 confirmed bugs in 20 min on one target. 5% hit rate on a hardened one. Same AI, same setup. 4 approaches, what worked, what failed, why target selection matters more than model sophistication. xclow3n.github.io/post/7

CryptoCat retweeted

Now You See mi - Now You're Pwned: Exploiting Xiaomi Smart Cameras for fun and credit
labs.taszk.io/articles/post/…
Our intern's research post is up, full code of an RCE exploit + a "cloud jailbreak" released with it. After embargo expiry, 3 vulnerabilities currently remain unfixed.
CryptoCat retweeted

ZeroDayBench: Evaluating LLM Agents on Unseen Zero-Day Vulnerabilities for Cyberdefense
arxiv.org/pdf/2603.02297
CryptoCat retweeted

2FA code? Just press back two times and you’re in 😅
This is insane ….
Dan Neidle @DanNeidle
I see some weird things but this takes the biscuit. A vulnerability in the Companies House website, that let anyone view the private dashboard of any one of the five million registered companies, see directors' personal details. And modify them.

This is why I ask before any interview. If you want me to use/work on Windows for a job, minimum pay must be 7 figures total comp, otherwise I will reject it. If I am going to dread work every day, you're gonna compensate me well for it lol
Asmit @coolcoder56
Employee resigned because he got Windows 11 instead of Mac 💀
CryptoCat retweeted

Announcing #Pwn2Own Berlin 2026! We've got 10 categories for targets, including an expanded #AI target list. We have 4 AI categories - including coding agents (looking at you #Claude). More than $1,000,000 in cash & prizes available. Read the details at zerodayinitiative.com/blog/2026/3/11…

@0xAsm0d3us Would be interesting to see the agents/skills you used when finding these vulns 👀
CryptoCat retweeted

🎤👾 Introducing Hacktics and Telemetry, a bi-weekly video and audio podcast out of Rapid7 Labs, starring Rapid7's @fulmetalpackets & @_CryptoCat!
🧵 Find Ep 1's companion blog here: r-7.co/4di8tuH
▶️ Or dive right into the full vid on YouTube: r-7.co/3NiQfP2

CryptoCat retweeted

this PoC made me literally laugh out loud holy shit
Normal World:
- server sends challenge
- client completes challenge
- server ok
This Bug:
- server sends challenge
- client NO U
- server ok
CryptoCat @_CryptoCat
@rapid7 PoC from @stephenfewer 🔥 github.com/sfewer-r7/CVE-…

🚨 CVE-2026-20127: Cisco SD-WAN authentication bypass. An unauthenticated attacker can inject SSH keys without crypto verification via a flawed state machine. Active exploitation by UAT-8616 since 2023 💀
Check out the full @rapid7 analysis 👇
attackerkb.com/topics/bP3FMvH…
CryptoCat retweeted

I think I have completed client-side security, just one report:
Self-XSS -> Drag-Drop Payload -> Scroll-To-Fragment -> Unchecked postMessage Listener -> Text Injection -> DOM-XSS -> OAuth State Misconfiguration -> Cookie Bomb -> Account Takeover
medium.com/@renwa/iframe-sandbox-bypass-cross-origin-drag-drop-unvalidated-postmessage-origin-cookie-bomb-to-21357a4d94f5

CryptoCat retweeted

Just published the writeup on qwik's deserialization RCE:
sebsrt.xyz/blog/a-qwik-rc…
CryptoCat retweeted