Melvin langvik

Had a blast presenting at #DEFCON30 today, GitHub repo for TeamFiltration is online! github.com/Flangvik/TeamF… Thank you so much for all the amazing feedback, can't wait to see what this tool looks like in a year now that it's public!

It's that time of the year again: Deserialization vuln in SharePoint: thehackernews.com/2026/03/cisa-w… Under active exploitation, just in case you were wondering.

@MDSecLabs github.com/Flangvik/RegPw…

This week’s video covers CVE-2026-24291, a Windows LPE nicknamed RegPwn by the team over at @MDSecLabs. As a part-time sloperator (Google it), I whipped up a quick RegPwn BOF, and in the video I demo it with Mythic and Apollo. Link below.

@MDSecLabs youtu.be/lmiRXweisS0

[RELEASE] Better late than never! Part 3 is out! Fantastic unwind information and where to find them. We went digging through .pdata, RTF Lookups, and a few ntdll internals that probably weren't meant to be touched. BYOUD dropping alongside. Enjoy 😉 klezvirus.github.io/posts/Byoud/

@roguekode @HackingLZ @grok make this priest go full john wick with two mac-10 uzis

I always forget about this

The next ShellcodePack version supports AppDomain injection payloads! We also simplified and improved DLL sideloading/proxying and updated the EDR bypass profiles. Sideload anything with a few clicks! 😎 #redteam

Here is the blog post for the CVE I mentioned yesterday! This was a fun find, and there's a few neat tools released to boot :D

I caught my first CVE :D msrc.microsoft.com/update-guide/e… Blog post inbound at TrustedSec.com tomorrow!

Titanis v0.9.205 released => github.com/trustedsec/Tit… Major enhancements include an LDAP client, Kerberos PKINIT across the tool set, registry tool (Reg), and Sddl tool for describing/converting SDDL.

Finally collected some of my blogs and presentations over the last couple years in one place zyn3rgy.io

@_RastaMouse Posted this in chat last week, @two06 confirmed accurate 😅

First wiff of sunshine and everyman and his dog is out with a lawn mower.

@chvancooten 😂😂 sure will stick with that story 😅

@Flangvik Mf discovered he can write shellcode injectors with AI 😛

When you’ve been cooking with fire all week and doing final prep for the internal team demo😎

@Cyb3rMonk @mrgretzky @codewhisperer84 @TrustedSec Meanwhile this is very decent github.com/trustedsec/Tit…

@Flangvik @mrgretzky @codewhisperer84 @TrustedSec That would be awesome!

This week’s video is a quick peek at Titanis by @codewhisperer84 at @TrustedSec , a comprehensive Impacket alternative. It’s cross-platform, extensively documented, and written directly from the protocol specification 🌶️ Link down below

@Cyb3rMonk @mrgretzky @codewhisperer84 @TrustedSec There could easily be! Good suggestion I’ll try to make a PR

@Flangvik @mrgretzky @codewhisperer84 @TrustedSec Is there a table for impacket command replacements? Like a cheatsheet 👀

@sekurlsa_pw @codewhisperer84 @TrustedSec For sure, Impacket is the current go-to. But Titanis is a true gem, so hopefully it doesn’t stay slept on for much longer. The video shows a quick setup and basic usage, but the developer and usage documentation on GitHub is quite extensive, so definitely worth a look 🙂

@Flangvik @codewhisperer84 @TrustedSec And if you are looking for the link of Titanis: github.com/trustedsec/Tit… Normally never watch streams but tempted to look at your video, Melvin 🙃 Titanis seems really impressive, but haven’t seen much info about it. Maybe because impacket is strong competition.

@codewhisperer84 @TrustedSec Link: youtu.be/ksSCIQBu6d0

@domchell You are not sir, if I see another “SaaS is dead” bullshit tweet I’m leaving this app 🤮🥴

I can’t be the only one who feels like this 😂