Co11ateral

Timeroasting can be used to extract user hashes and it's stealtier than DCSync or NTDS shadow copies. Defenders should start monitoring this activity. Learn how: hackers-arise.com/powershell-for… @three_cube @_aircorridor @DI0256 #DFIR #BlueTeam #redteam

Open Source Intelligence is One of the Fastest Growing Areas of Cybersecurity! It can be used for recon for pentesting, investigations, and cyber intelligence for intelligence agencies and commercial interests. Get started in this field with the Ultimate OSINT training. Part 1 of this 3-part series is April 21-23

Strategic OSINT techniques for Twitter/X! Learn methods for gathering intelligence from social media platforms. hackers-arise.com/twitter-x-stra… @three_cube @DI0256 @IamSmouk @co11ateral

In our Red Team Operator training, we teach you how to build an infrastructure to test your organization’s security on a regular basis. Different scenarios, techniques, and tactics can be used to emulate the work of real APT groups hackersarise.thinkific.com/courses/red-te… @three_cube #pentesting #redteam

Map physical infrastructure with OSINT tools! In this article, we show you how to use Sightline for reconnaissance and infrastructure mapping. hackers-arise.com/open-source-in… @three_cube @DI0256 @IamSmouk @co11ateral

For those of you into OSINT, there is a whole OS you might want to explore. It’s really well tailored for investigations We showed how to install and use it hackers-arise.com/open-source-in… @three_cube @_aircorridor #osint #privacy

During the Month of March, Hackers-Arise is Offering 50% off to residents of Mexico! For your 50% off coupon, email hackers-arise@protonmail.com @three_cube

Open Source Intelligence (OSINT): Gathering Information on a WhatsApp Account In this article, we will delve into how to utilize the WhatsApp-OSINT tool for extracting profile account details during OSINT investigations: hackers-arise.com/open-source-in… @three_cube @DI0256 @co11ateral

KslDump - BMVD (Bring the Microsoft Vulnerable Driver) KslDump extracts credentials from PPL-protected LSASS using only Microsoft-signed components. No exploit is deployed. No driver is loaded. Microsoft patched the running version (wd\KslD.sys) by nulling out MmCopyMemory, but left the old vulnerable version (drivers\KslD.sys) sitting on disk. The attacker just point the service back to what Microsoft forgot to clean up. #redteam #blueteam #pentesting

Snowy mountain peaks in Turkey, a few days ago. The dashboard gets new MODIS Terra satellite imagery daily You can run it locally: hackers-arise.com/open-source-in… @three_cube @_aircorridor #privacy #OSINT

I really like the Raspberry Pi. We can do a ton of amazing things with it. Hacking? Easy. Programming? Absolutely. Learning Linux? With pleasure. To make your introduction to the Raspberry Pi easier, I wrote a few tutorials. Check them out! hackers-arise.com/hacking-with-t… @three_cube

CVE-2026-25769 - Remote Code Execution via Insecure Deserialization in Wazuh Cluster A proof-of-concept exploit for CVE-2026-25769, a Remote Code Execution via Insecure Deserialization in Wazuh Cluster github.com/hakaioffsec/CV… #cybersecurity #redteam #blueteam

What is the future of AI? Maybe these 6 movies can help us imagine the future! youtu.be/lhypZBpHGcU?si…

Off-grid communication is becoming increasingly relevant. Here’s how you can choose the right hardware for your Meshtastic network. hackers-arise.com/off-grid-commu… @three_cube @_aircorridor @DI0256 #privacy

VMkatz Without VMkatz, you must exfiltrate full VM disks or memory, analyze them locally, and extract credentials one VM at a time a slow, bandwidth-heavy process. VMkatz skips that by extracting Windows secrets directly from VM snapshots and disks in place, without full exfiltration. github.com/nikaiw/VMkatz

ARM Processors are Everywhere! You need to become familiar with these RISC CPU that are powering everything from IoT to Artificial Intelligence! hackers-arise.com/arm-cpu-archit…

For those of you interested in digital forensics, Part 3 of our Registry Forensics series is now out. Here we cover evidence of execution hackers-arise.com/digital-forens… @three_cube @_aircorridor @DI0256 #forensics #cybersecurity #blueteam

Starting tomorrow!

Web App Hacking: Finding Web App Vulnerabilities with Caido Scanner Caido just became a serious Burp killer. Scanner plugin auto-detects vulns as you browse + launches targeted attacks on suspicious endpoints: hackers-arise.com/web-app-hackin…