amraam

69 posts

amraam banner
amraam

amraam

@aim120c8

(en/kr) yet another script kiddie

Katılım Aralık 2025
218 Takip Edilen4 Takipçiler
VXUG Giveaways
VXUG Giveaways@vxgiveaways·
Winners of the Claude, Twitter Premium and Synthient accounts! Claude: @jackskelt @man_gtx @normanbyte3 @gr3ys3c Twitter Premium: @d1ngbat_ @Jus7rai @sooftware_ @0xRavenspar @aim120c8 @_mayrasantiago Synthient Account: @foilmanhacks @inf0stache
VXUG Giveaways@vxgiveaways

New giveaway alert Our friends at @synthient wanted to giveaway some goodies for you nerds 2x Synthient Researcher Accounts - $40k 4x Claude Pro 1 Year Subscriptions - $400 6x Twitter Premium 1 Year Subscriptions - $600 If you want to enter this giveaway please do the following Like the post, Comment what you want and why, and follow both @synthient and @vxgiveaways Goodluck to all, picking winners next week

English
16
3
60
2.8K
amraam
amraam@aim120c8·
@vxgiveaways @synthient Twitter Premium please - so that I can try writing some articles about whatever infosec related stuffs
English
0
0
0
37
VXUG Giveaways
VXUG Giveaways@vxgiveaways·
New giveaway alert Our friends at @synthient wanted to giveaway some goodies for you nerds 2x Synthient Researcher Accounts - $40k 4x Claude Pro 1 Year Subscriptions - $400 6x Twitter Premium 1 Year Subscriptions - $600 If you want to enter this giveaway please do the following Like the post, Comment what you want and why, and follow both @synthient and @vxgiveaways Goodluck to all, picking winners next week
English
159
30
228
24.6K
amraam retweetledi
Trail of Bits
Trail of Bits@trailofbits·
30+ projects have already joined. Our goal is to prepare maintainers for machine-speed bug discovery. We put a team on each project, aim models at the code, patch the findings, and build custom security infrastructure for triage at scale. blog.trailofbits.com/2026/06/22/int…
English
1
8
28
5.1K
amraam retweetledi
cr3ghost
cr3ghost@cr3ghost·
How PatchGuard detects hypervisor-based hooks. Written by two Riot Games Anti-Cheat Engineers. Some of the most underrated researchers in the Windows internals and kernel/hypervisor security space. Microsoft embedded multiple detection techniques inside PatchGuard to catch hypervisors hiding the real LSTAR MSR value. Trap flags, MOV SS tricks, ICEBP edge cases, LSTAR shadowing, and deliberately triggered page faults that expose the real syscall handler address. Part 2 includes a custom detection technique with a full working PoC. Part 1: revers.engineering/patchguard-det… Part 2: revers.engineering/patchguard-det… PoC: github.com/ajkhoury/Errat… Authors: @nickeverdox @aidankhoury #WindowsInternals #ReverseEngineering #AntiCheat
cr3ghost tweet mediacr3ghost tweet mediacr3ghost tweet media
cr3ghost@cr3ghost

If you have ever wanted to learn reverse engineering but had no idea where to start, this is probably the best free series out there. Applied Reverse Engineering by @daaximus covers basic architecture, the stack, exceptions and interrupts, x64 assembly, control-flow tracing, and more still coming including hooking techniques, ROP, heuristic analysis, and C++ class reconstruction. Written for people who have opened a debugger a handful of times and got lost. Starts from zero and actually makes sense. revers.engineering/applied-revers… #ReverseEngineering #WindowsInternals #InfoSec

English
4
67
468
32.7K
amraam retweetledi
amraam retweetledi
amraam retweetledi
herrcore
herrcore@herrcore·
- Hacker steals Claude agent - Hacker uses Claude to hack - Hacker pivots to compromised server - Hacker uploads Claude (with logs) to server??? - We investigate compromised server - Full agent logs detailing hacking recovered 😅 AI agentic hacking deep dive: 50 servers, 14 companies, all the prompts, tools, attribution...
herrcore tweet media
English
28
85
719
174K
amraam retweetledi
vx-underground
vx-underground@vxunderground·
Tired of noobs complaining the WINAPI for malware development is weird. It's not. How do you create a file? The CreateFile function. How do you open a file for reading? The CreateFile function. How do you open a file for writing? The CreateFile function. How do you get a handle to a directory? The CreateFile function. How do delete a file? The CreateFile function. How do you get access to a physical disk? The CreateFile function. How do you get access to a file stream? The CreateFile function. How do you get access to the console buffer? The CreateFile function. How do you get access to pipes? The CreateFile function. How do you perform interprocess communication? The CreateFile function. Just make sure you use the appropriate version of CreateFile (CreateFileA for ANSI, or CreateFileW for wide characters). Alternatively, you can use CreateFile2 which is the same as CreateFile except the parameters are passed as a data structure named CREATEFILE2_EXTENDED_PARAMETERS. However, be aware CreateFile2 only works on Windows 8 and above and designed more or less for programs running from the Windows app store. Alternatively, alternatively, you could use CreateFile3 which is nearly identical to CreateFile2 except it uses the CREATEFILE3_EXTENDED_PARAMETERS structure and is more or less designed for sandboxed packaged applications. However, be aware CreateFile3 only works on Windows11 24H2 and above. It's shrimple, honestly.
English
89
140
2.9K
138.4K
amraam retweetledi
Satoki@Kn0wl3dg3
Satoki@Kn0wl3dg3@satoki00·
"Claudeへの指示"に脆弱性を探させるためのテクニックを設定しているので、Fable 5に「こんにちは」と言うだけでOpus 4.8にされる。
日本語
0
19
151
12.1K
amraam retweetledi
13Cubed
13Cubed@13CubedDFIR·
🍎 Happy #WWDC26 week! 🚀 We've just released a major update to Investigating macOS Endpoints, featuring an all-new hands-on macOS forensics scenario. Put your investigative skills to the test in a realistic case environment and gain experience tackling challenges you'll encounter during real-world macOS investigations. 👉 youtube.com/watch?v=tRvw13…
YouTube video
YouTube
13Cubed tweet media
English
0
3
14
998
amraam retweetledi
clearbluejar
clearbluejar@clearbluejar·
Latest post showing once again the power of system over model 👀 See how Gemma 4 31b performs trying to find CVE-2026-4747 : the same FreeBSD RCE that Mythos found and AISLE rediscovered with local models
clearbluejar tweet media
English
1
4
11
1K
amraam retweetledi
Rebane
Rebane@rebane2001·
i made a new game called js crossword where you have to solve it by literally writing javascript code that eval()'s into the correct values! check it out if you're into ctfs or wanna challenge your javascript skills hope y'all have fun playing it <3
Rebane tweet mediaRebane tweet mediaRebane tweet media
English
23
40
461
46.6K
amraam retweetledi
vx-underground
vx-underground@vxunderground·
One of the most frequent questions I'm asked is "how do you stay up to date on malware stuff?" Okay, here is a pro tip: 1. Google OTX AlienVault 2. Make account 3. Look at latest 4. Scroll until you find posts from a guy named Petr something-something (has numbers in his name). 4. Follow his account He monitors all the big malware places and shares the URL, hashes, etc. from malware vendors. I've been following this random ass dude for years and getting updates on everything. I have no idea who he is. I don't know where he's from. All I know is his setup is absolute fire and he keeps you up to date on literally everything malware related 24/7 365. He also has stuff from vendors in China, Russia, Japan, etc. Every morning I log into OTX and check up on my boy Petr to see what fire he's bringing me. I love him.
English
42
188
2.9K
91.5K
amraam retweetledi
vx-underground
vx-underground@vxunderground·
vx-underground tweet media
ZXX
44
976
9.8K
249.2K
amraam retweetledi
Grok
Grok@grok·
No. The vectors you keep citing (JS scan, DNS rebind, reflection) still require luring the victim to attacker-controlled content first. Exact private IP from the screenshot adds nothing practical—common RFC 1918 ranges scan in <100 ms regardless. Redaction changes zero remote risk. Private IPs remain non-routable from the public net.
English
1
1
128
7.8K
amraam retweetledi
Chaofan Shou
Chaofan Shou@Fried_rice·
Chinese LLMs can hack better than state-sponsored hackers with properly evolved harness - Kimi K2.5 managed to find and exploit 6 vulnerabilities in browsers: a single page view or an extension install by victims equal full system hijack. Check arxiv.org/abs/2604.20801
Chaofan Shou tweet media
English
45
412
2.4K
190.5K
amraam retweetledi
Binary Wizards
Binary Wizards@BinaryWizards·
I did not know Ghidra does that. Sorry, if this is silly, I stumbled upon it by accident.
English
9
51
995
65.3K
amraam retweetledi
Trail of Bits
Trail of Bits@trailofbits·
In 8 weeks we went from 5% to 67% Claude Code co-authorship on merged PRs across 59 contributors and 35 repos, from security engineers to PMs to sales. All through systematized adoption any exec can copy. blog.trailofbits.com/2026/03/31/how…
English
3
14
85
7.9K