Father Bobcat

🚨 RTVCron Ep. 5 is LIVE NOW 🎙️ @c4ch3c4d3 Local Large Language Models Join us for a practical walkthrough of running LLMs on your own hardware, including real constraints and strategies 📺 Watch now youtube.com/live/L8bYnzq4J…

Updated my PowerShell script "Invoke-ADLabBuildOut.ps1" so it now creates AD sites, subnets, and site links (based on the created sites). This script takes a newly built AD lab environment and makes it look like a production environment along with common security issues. github.com/PyroTek3/ADLab

DeadMatter Extracts LSASS credentials from memory dumps. Lightweight. Can be used to bypass AV/EDR. Usually is paired with DumpIt as both of them don't need GUI. Tested with Microsoft Defender and Kaspersky hackers-arise.com/digital-forens… @three_cube @_aircorridor #edr #apt #redteam

OSCP+ / OSEP Advanced Cheatsheet v3 anshu19981.github.io/Pentestcheatsh…

MICROSOFT OPEN-SOURCED THEIR ENTIRE SENTINEL SECURITY TOOLKIT most teams building on azure figure out threat detection the hard way trial and error, custom KQL, dashboards built from nothing, playbooks written by hand nobody told them it was already done the sentinel github repo has: ▫️ 1000+ pre-built threat detection rules ▫️ hunting queries for active threat investigation ▫️ automated response playbooks ▫️ security workbooks + dashboards ▫️ data connectors for 100s of sources the hard part was already done github.com/Azure/Azure-Se…

Here is my BOF POC (emphasis on POC...) of this research. As the README states it's not an operationally-ready tool, but it was neat research and I figure the code might be useful for someone else. Thanks to @lildylannn and his colleague for their work! github.com/Octoberfest7/D…

Introducing a new PCAP tool - OhMyPCAP OhMyPCAP is a standalone web application for analyzing PCAP files. View security alerts, browse network metadata (DNS, HTTP, TLS, flows), extract ASCII transcripts, and carve individual streams - all from a single-page UI.

@HackingLZ github.com/n00py/Outpacket Maybe useful

Made a quick BOF to exploit the currently unpatched BlueHammer vulnerability to dump SAM hashes from a low integrity context. github.com/incursi0n/Blue…

PSA: That 'Disable NTLMv1' GPO you set years ago? It’s lying to you. LmCompatibilityLevel set to 5 is not enough. silverfort.com/blog/ntlmv1-by…

Relayed NTLM creds are powerful, if you can use them. @senderend shows why browsers fail through ntlmrelayx SOCKS and introduces ghostsurf to make NTLM-authenticated web apps accessible. Read more ⤵️ ghst.ly/4tnJOtx

WMEye. tool for performing Lateral Movement using WMI and remote MSBuild Execution github.com/pwn1sher/WMEye

@SecurityAura Yes. EDR will block "SSH.exe" bring your own named different and it works most times. Connect to a different port than 22, say 31337,443,80 to test egress and protocol inspection. Similar to this I made/use github.com/rvrsh3ll/Bolth…

LOLFSAAS Living off Free SaaS Hundreds of SaaS platforms with free tiers, documenting abuse surface, opsec risks, authent methods, C2 framework mappings, and operational limits. lolfsaas.github.io

meet VMkatz, github.com/nikaiw/VMkatz

PDFs aren’t just documents. They’re attack surfaces. At RTV Overflow, @FilipiPires breaks down how attackers exploit PDFs to execute malicious JavaScript, inject shellcode, trigger heap sprays, exploit Adobe Reader, and exfiltrate data. 🗓 Feb 21, 2026 ⏰ 10:00 AM Offensive security pros won’t want to miss this. Watch live: youtube.com/live/r6rZ1QggZ…

@ryuketsumilly 私は歌が下手なだけで、自分が実力で負けているって分かってたよ🤣

ユダ様飲みに来てくれてうれしいけど、外国人に気を遣わせるくらいの勢いでフランク・シナトラ(またはシド・ヴィシャス)の"MY WAY"を朗々と歌い上げてるのウケる🥹💦 #スター館 #ロワンディシー #カラオケ

@dazzyddos Been doing similar thing thangs. ClickOnce's are great for deploying fun C2 in many forms. Nice 💯 github.com/rvrsh3ll/Bolth…

ADCS Attack Techniques Cheatsheet - Google Drive #gid=0" target="_blank" rel="nofollow noopener">docs.google.com/spreadsheets/d…

@_subTee reminded me that the Projected File System existed on Windows recently, so I decided to do a deep dive. Turns out - this is probably the best base technology for canary/deception features out there. There is also a splash of offensive use cases😎 @HuntressLabs Blog: huntress.com/blog/windows-p…