regne

@code, do you know how much it costs?

If you missed the talk at @1ns0mn1h4ck , our latest blog post is now available for you to explore. In this post, researchers @Hacker_Chai and @SachaKozma detail their journey to a 1-click RCE exploit on the Samsung S25 phone. Check it out here: bugscale.ch/blog/shoot-for…

@matthias_kaiser Is this a plugin for Android Studio?

And smalidea-ng gets initial renaming support 👍!

Interested in exploiting browsers? Join me as I go over the free section of @ret2wargames "Fundamentals of Browser Exploitation" course. This is a course delivered by real #Pwn2Own winners! So, you're learning from the best! This first video is very beginner friendly so check it out even if you're just curios🧐. Video link below: youtu.be/5ArMYqwCmD4

For anyone dealing with RASP protected apps, frida-strace is now your first step. Trace the syscalls, find what the app checks, hook those specific functions, bypass. No more guessing. Frida 17.8.0+, kernel 6.1+ required. #Frida #MobileSecurity #AppSec

@NetworkChuck Thank you so much, truly. This video was my pill to AI anxiety.

I kind of hate AI...and it almost made me quit youtube -----> youtu.be/dbMXi9q78Tk

Interesting how AI facilitates and speeds up reverse engineering, but it still struggles to identify logical vulnerabilities in apps. I've been developing some custom agents and doing some ai-assisted researches in some OOS apps and had better results than 100% AI tests

And this makes sense given how many CTFs are held per year. However, the ideal CTF challenge, in my opinion, should follow this formula: "The author conducted a mini-research project and instead of publishing it, turned it into a challenge."

Finally got this virtual iPhone running iOS 26.1 up and running on macOS. It's jailbroken and going to help with security research a ton. Big thank you to @wh1te4ever for this. This is not for the average user and is complicated to set up. Highly recommend Codex and/or Claude to assist. For those interested, the project is here: github.com/wh1te4ever/sup… And the writeup is here: github.com/wh1te4ever/sup…

@SinSinology NT Authority\System 😀

🦋

> invented JavaScript > co-founded Mozilla > built Brave to block ads by default > made the internet faster > said privacy isn’t optional > didn’t sell out to surveillance capitalism absolute legend 🐐

@pwnj0 @8kSec hm quem falo que eu sou seu amigo em...? quem falo.??

@8kSec @_regne Offensive Android Internals

🎄 XMAS GIVEAWAY ALERT! 🎅✨ 🎉🔥 To celebrate the holiday season, we’re giving away TWO 12-month FREE vouchers for any of our premium courses: ▪️ Practical Mobile Application Exploitation ▪️ Offensive Mobile Reversing and Exploitation ▪️ Offensive iOS Internals ▪️ Offensive Android Internals ▪️ Practical AI Security: Attacks, Defenses, and Applications How to participate: ➊ Like 👍 this post ➋ Comment which course you’d like to win and tag one friend. If you win, both of you get FREE access! ➌ Repost 🔁 ➍ Follow @8kSec so we can DM you if you win 🎁 Two random winners will be selected and announced on December 24, 2025, on our socials. Both the winner and their tagged friend will receive FREE access to the selected course. 🔗 Learn more about our courses: academy.8ksec.io

@8kSec @0xTeles Offensive Mobile Reversing and Exploitation

I've built a powerful PC and now it perform well in every game that I tried, but when I open Android Studio and start an emulator.....

"Only wimps use tape backup: real men just upload their important stuff on ftp, and let the rest of the world mirror it ;)" - Linus Torvalds, 1996 on LKML "My data storage approach is: I upload it to the internet, and if it's worth saving, somebody else will save it for me." - Linus Torvalds, 2025 on Linus Tech Tips

Android Recon for Bug Bounty Learn how to extract APKs, find hidden endpoints & secrets before exploitation using tools such as: APKeep, APKTool, apk2url, jadx-gui, MobSF, MARA, Drozer yeswehack.com/learn-bug-boun… via @yeswehack

Primeira conta de energia rodando homelab já não bateu legal 🥲

keeping your laptop plugged in is less damaging to the battery than constantly draining and refilling it I always thought it is the opposite

In a recent lawsuit settlement, Google agrees to delete the incognito browsing data they keep about you.

Vejo uma galera que se sente intimidada com bug bounty, achando que apenas pessoas especiais conseguem fazer, no fundo, não é tão diferente de um pentest. Apenas comece, dupes, infos, sao normais e fazem parte da caminhada :)