Pinned Tweet
chebuya
47 posts


Found a medium severity path traversal in Velociraptor (CVE-2025-14728). Will have funny/embarrassing story about it soon.
Shoutout to Mike Cohen of Rapid7/Velocidex for building such an awesome tool and swiftly triaging the vuln/severity upon report
CVE@CVEnew
CVE-2025-14728 Rapid7 Velociraptor versions before 0.75.6 contain a directory traversal issue on Linux servers that allows a rogue client to upload a file which is written outside t… cve.org/CVERecord?id=C…

Also, big thanks to @ACEResponder for their work on RogueSliver - it was massively helpful while writing the PoC. Do check it out:
github.com/ACE-Responder/…

@vxunderground smelly let me talk about phishing minecraft players and c2 agent authentication

"Top 50 Techniques & Procedures"
blog.redteamguides.com/top-50-techniq…
Real world malware delivery and initial access techniques (red teaming). Good source of inspiration.

@vxunderground Cool but I feel like compared to the threats that affected Minecraft in the past, this is like a skiddie game.
I mean, why would you waste your time doing something so useless? I'm not criticizing cuz I'm the first one to do useless side projects, but I just don't get the point.
chebuya retweeted

vx-underground Black Mass Research Group presents: Minegrief.
tl;dr a computer worm that targets minecraft
github.com/blackmassgroup…

I have hereby been declared GIGACHAD for the Minecraft malware I wrote for the @vxunderground JVM malware competition 🥰🥰
Do check out the Black Mass Research Group telegram as well!
t.me/blackmassresea…
b0t 👽🏴☠️@bot59751939
This is the contest winner :) Ships with a 0day for Crafty controller. Huge thanks to @_chebuya. Today I'm announcing Black Mass Research Group. Our goal is to make interesting malware for public study. Please enjoy our first project! github.com/blackmassgroup…
chebuya retweeted

This is the contest winner :)
Ships with a 0day for Crafty controller. Huge thanks to @_chebuya.
Today I'm announcing Black Mass Research Group. Our goal is to make interesting malware for public study. Please enjoy our first project!
github.com/blackmassgroup…

Today @ESET released a paper on "Bootkitty" the first UEFI bootkit for Linux.
We didn't even read the paper, we just liked the name and artwork

chebuya retweeted

🛠️ Sastsweep
A tool designed for identifying vulnerabilities in open source codebases at scale
It can gather and filter on key repo metrics such as popularity and project size, enabling targeted vulnerability research
It automatically detects potential vulnerabilities using @Semgrep
By @_chebuya
github.com/chebuya/sastsw…
chebuya retweeted

📚 tl;dr sec 255
🤖 @ProjectZeroBugs AI finds bug in SQLite
☁️ New OSS: CloudTail, SkyScalpel @permisosecurity
🛣️ Auto-generate Terraform Secure Guardrails
📺 @SANSInstitute CloudSecNext Summit 2024 videos
🇨🇳 The TTPs Used to Neutralize China-Based Threats @SophosXOps
📊 Safer SCPs: Real-Time SCP Error Monitor @matthewdfuller
🛠️ sastsweep @_chebuya
and more!
tldrsec.com/p/tldr-sec-255
chebuya retweeted

Here is running SASTsweep against HackerOne open source targets
It lets you open the semgrep finding in an HTML report, and from there you can open the affected section of code within GitHub/Github1s for further analysis
Tool: github.com/chebuya/sastsw…
chebuya@_chebuya
SASTsweep is now open source. Happy hunting! github.com/chebuya/sastsw…


