HolyM

A BOF designed to inspect processes, memory, and addresses github.com/whokilleddb/PS…

As promised, here is the weapon that u can use your arb file read eop bug to nt system. github.com/sailay1996/vss…

github.com/Thoxy67/zig-pe Reflective PE loader written in Zig. Loads and executes native and .NET PE files directly from memory. by @Thoxy67

boh starred KingOfTheNOPs/CDP-Enable-BOF on Github ift.tt/13CkaRj

NetSonar: Lightweight Network Recon & Diagnostics Toolkit for Blue/Red Teams. 🌐⚡ Multi-protocol probing (ICMP/TCP/UDP/HTTP), subnet discovery, port/service detection, and real-time interface monitoring — all in one cross-platform tool. Useful for network reconnaissance, troubleshooting, and visibility across internal infrastructure. 👉 github.com/sn4k3/NetSonar #CyberSecurity #Networking #OSINT #BlueTeam #RedTeam

boh starred ANYLNK/KSLDBYOVDARK on Github ift.tt/FKQpCnw

Les comparto el paso a paso para crear certificados autofirmados con #PowerShell y firmar los archivos RDP en #Windows11 para que no aparezca la admvertencia al ejecutarlos. Puedes desplegar los certificados por GPOs y la huella para que el editor sea válido para rdp. github.com/SoyITPro/docs/…

Open-source cybersecurity skills library for AI agents github.com/mukul975/Anthr…

Just shipped a WinDbg x64 extension that turns live disassembly into verified pseudocode via LLM — chunked multi-pass analysis, in-process HTTP, mock fallback, and a verification pass that cross-checks LLM output against original analysis facts. github.com/kernullist/win…

Added a minimal working PoC for the code injection technique used by the UTILITYBURST implant. github.com/winterknife/EV… P.S. If you think this is kinda lame in 2026, I agree. Remember that Barnaby Jack demonstrated this more than 20 years ago now, and it is still relevant today.

@psycep_ Thank you, will be more testing and feedback 😆

@HolyMoly84103 gopacket's WMI only implements GetObject and ExecMethod, the PutInstance marshalling path from that Impacket issue isn't there. wmipersist calls PutInstance via go-msrpc, and after review, it correctly emits the CIM_FLAG_ARRAY count + heap refs that Impacket missed

gopacket is live! Check it out, it is intended to be a full reimplementation of Impacket in Go (it is in beta please send me bug reports) github.com/mandiant/gopac…

@TwoSevenOneT 🤣 one of the best solution for every one who need to test av is work...

To be honest, in many cases I test evasion or antivirus bypass by dropping #mimikatz onto the Desktop and running it to see if it works. I don't use the EICAR test file 😂 Drop Mimikatz and the AV doesn't complain ==> something's worked

@psycep_ Another researcher already open issues: github.com/fortra/impacke…

@HolyMoly84103 I tried to address underlying Impacket bugs during the process, so maybe… can you send me the specific error you are referring to?

Learning Reverse Engineering on a Mobile Game (Frida + Ghidra + AI) github.com/kdbugk/game-of…

If you’re into Impacket you might want to checkout Titanis. Perhaps it’s more opsec safe 🤷‍♂️ github.com/trustedsec/Tit…

swarmer. tool for sneakily adding registry keys to HKCU without EDR/AV being able to see what's happening even if you don't have administrator access github.com/praetorian-inc…

I just dropped some research: DSCourier and would love for your opinion and to check it out!! It’s a novel post-exploitation technique abusing WinGet’s COM API to execute code through Microsoft-signed binaries. GitHub: github.com/DylanDavis1/DS… Blog: dylansec.com/DSCourier/

GitHub - Nightmare-Eclipse/RedSun: The Red Sun vulnerability repository · GitHub github.com/Nightmare-Ecli…

damn this github.com/Nightmare-Ecli… is cool! 1. Defender scans it (runs as SYSTEM) 2. swap the file path using: NTFS junctions, mount points 3. Defender writes the file 4. path secretly points to: C:\Windows\System32\ 5. boom Windows executes it system shell