Pinaki ❄️

Mythos' Firefox exploitation didn't actually have sandbox enabled and built on top of research from Opus. Shocker.

mere moments after the mythos announcement:

🧱 How to Break a WAF: ModSecurity CRS Blog: 0xinfection.xyz/posts/breaking… Author: @0xInfection

Published something that has been sitting in my drafts for quite sometime. This one is all about the cool bypasses that I stumbled upon during 1337UP0522 live hacking event where we tried to bypass ModSecurity CRS. 0xinfection.xyz/posts/breaking…

Xbow raised $117M to build AI hacker agents, in @AliasRobotics open-sourced it and made it completely free. Github: github.com/aliasrobotics/… Paper: arxiv.org/abs/2504.06017

TIL: there are apparently 1.4k potentially malicious MCP servers on GitHub. Cool research from VirusTotal! blog.virustotal.com/2025/06/what-1…

8 million requests, $400 later - we’re back. 🚀 We have demonstrated supply chain attacks that could have allowed us to trivially compromise critical infra. networks, including .gov, .mil, and more. This is real Attack Surface Management. labs.watchtowr.com/8-million-requ…

WhatWaf : Detect and bypass web application firewalls and protection systems : github.com/Ekultek/WhatWaf WAFW00F : It allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website : github.com/EnableSecurity… credits @sandrogauci @0xInfection

AgentPoison: Red-teaming LLM Agents via Poisoning Memory or Knowledge Bases arxiv.org/abs/2407.12784 Good read!

Cool read! Nice work from @ptswarm as always. swarm.ptsecurity.com/xxe-chrome-saf…

TIL: Terrapin Attack on SSH tunnels terrapin-attack.com Implementation of the fix in LibSSH2: github.com/libssh2/libssh…

@ETHICALEXO Its been quite some time I've written the tool, I think changes at the backend of canarytokens.org is why the generation of new tokens don't work anymore. However you can still go to canarytokens.org/generate and grab a new DNS token and supply via the -token argument.

@0xInfection I keep trying to run it but I can't figure out the canary token for the life of me. It keeps saying this: 2023/10/11 00:54:04 Trying to generate a new Canary Token... 2023/10/11 00:54:04 invalid character 'I' looking for beginning of value any help would be greatly appreciated

Since the final fix for the #log4j RCE vulnerability is out — I'm finally open-sourcing a scanning toolkit for CVE-2021-44228 that I developed over the weekend. Features include automatic Canary Tokens generation, request customization and many others. :) github.com/0xInfection/Lo…

@KodyKinzie You can also try chat.forefront.ai. Their personas are pretty fun to deal with.

ChatGPT launched plugins! There aren't many to choose from, but it was already able to list 3 star hotels in LA by room price for specific dates. I see this saving me time.

EPScalate An elevation of privilege vulnerability in QuickHeal's Seqrite Enterprise Endpoint Security Solution (EPS). github.com/0xinfection/ep… #cybersecurity #infosec #redteam

Back in 2022, I found a (stupid) local privilege escalation vulnerability in QuickHeal's @Seqrite Endpoint Security (EPS) AV product. Today I'm dropping some vulnerability details and a PoC exploit for the LPE. CVE and blogpost soon! 😄 Exploit: github.com/0xInfection/EP…

Can't believe its been over 2 months the event happened. Hacking cool targets, meeting hackers from around the world, what more could you ask for? 😄 Once again, cheers to @intigriti and @TheParanoids for organizing such a fun-filled event timeline! youtu.be/XeICEz81zuw

Recently, I was doing some research on #Kubernetes and scanned the entire IPv4 space for vulnerable clusters. Published a blog detailing the results: redhuntlabs.com/blog/unsecured… Also releasing a tool to detect exposed components studied in the research: github.com/redhuntlabs/ku…

@_JohnHammond People actually fall for this, lol. github.com/shishibabyq/CV…

There looks to be multiple of these, another one with a different SatoshiDisk link and "only selling FIVE copies".... scam methinks. Multiple files to look more legitimate? I've reported the account & repository to GitHub. https[:]//github[.]com/TimWallbey/CVE-2022-41082-RCE

This is not how anyone should use OSINT. This "challenge" is meaningless platitude. This thread post lays out a playbook for others to abuse OSINT. Please take a step back and consider what you’ve posted and all the different ways it could be misused.

Really enjoyed the F1 Qualifiers at Spa Francorchamps. What a remarkable way to end a live hacking event! ✨ Heartiest gratitude to @intigriti and @TheParanoids for making this happen and having me in this! ♥️