Deanos

.LNK files are implemented as COM objects. You need IShellLink + IPersistFile to create, read, or modify them programmatically. New video + write-up, code included, security angle too. trainsec.net/library/window…

Hahahahaha

HashDump-BypassEDR：github.com/AabyssZG/HashD… 通过系统白程序 Reg.exe 的拓展应用，巧妙绕过EDR的拦截点，实现绕过EDR从而DumpHash😈 该方法针对Windows系列均有效，操作难度不大，具有实战价值🥳 本项目实战文章：blog.zgsec.cn/archives/EDR-D… 源代码和Release已发布，师傅们麻烦点个Star，万分感谢！😍

Modern C2 implants use sleep masking & metamorphic code to stay hidden. We’re revealing how to unmask them using low-level runtime telemetry (ETW & CPU profiling) live in production including a POC with a lightweight sensor. My team will be presenting our research at x33fcon: x33fcon.com/#!s/SebastianF…

Powershell Scripts With 100% AV Bypass (PSSW100AVB) repository github.com/tihanyin/PSSW1… New undetectable PowerShell reverse shell added (May 4, 2026). 🔥 Essential for red teamers—use it in the next 2-3 weeks before it gets flagged! #Powershell #RedTeam #ReverseShell

CVE-2026-23870, CVE-2026-44575, CVE-2026-44579, CVE-2026-44574, CVE-2026-44578, CVE-2026-44573, CVE-2026-44581, CVE-2026-44580, CVE-2026-44577, CVE-2026-44576, CVE-2026-44582, CVE-2026-44572 github.com/dwisiswant0/ne…

💥 Introducing "Dirty Frag" A universal Linux LPE chaining two vulns in xfrm-ESP and RxRPC. A successor class to Dirty Pipe & Copy Fail. No race, no panic on failure, fully deterministic. ~9 years latent. Ubuntu / RHEL / Fedora / openSUSE / CentOS / AlmaLinux, and more. Even if you've applied the "Copy Fail" mitigation, your Linux is still vulnerable to "Dirty Frag". Apply the Dirty Frag mitigation. Details: dirtyfrag.io

pyghidra-mcp v0.2.0 is out with new --gui mode. 👀 Your local LLM drives a real Ghidra CodeBrowser, not a plugin. New blog post shows firmware RE of the CVE-2024-3273 RCE chain with Gemma4. clearbluejar.github.io/posts/pyghidra…

Just added the DigiCert breach to my Breach Report Collection repo. The cause was a combination of social engineering, persistence, and misconfigurations. These types of reports are useful & rare. I recommend others to check it out: github.com/BushidoUK/Brea…

morphkatz - Polymorphic PE rewriter for Windows x64 , rewrites binaries into semantically identical but byte-different variants github.com/0xMohammedHass…

Given that this supply chain attack is highly complex, we urge everyone who uses DAEMON Tools to isolate their machines and initiate a security sweep to ensure protection against malware. You can refer to the IoCs that we published in our blogpost, securelist.com/tr/daemon-tool…. [7/7]

It's been a while since I wrote a blog post. My new post writes about some cool updates to the MS-RPC-Fuzzer for recursively fuzzing complex structures, logging using ETW, and we found a way to escalate to nt\authority system! incendium.rocks/posts/Fuzzing-…

Evasion tools are fragile. They appear, get popular, then stop working once defenders catch on. Sometimes a new tool stays quiet and still works well. Tenebris-Gate is one of those. Learn more in the article (for educational purposes only): hackers-arise.com/evading-antivi…

Kubernetes Secret Extraction via ArgoCD ServerSideDiff github.com/argoproj/argo-…

OpenAI Whisper API: $0.006/min → $0.36/hr ElevenLabs Speech-to-Text: $0.40/hr Deepgram: $0.0043/min → $0.26/hr AssemblyAI: $0.37/hr This repo: $0/hr 150 min in less than 98 sec. Long live Open Source

Someone open sourced the entire ElevenLabs + Descript stack in a single local tool. Voice-Pro: zero-shot voice cloning, Whisper transcription, vocal isolation & dubbing in 100+ languages. ElevenLabs charges $22/month for this.

if you are running local ai or thinking to start, if i could give you one single piece of advice it is this: choose your agentic harness carefully. it matters more than the model. i have lost count of how many people have dm'd me saying their local model is "dumb" or "broken" or "not as good as the cloud one." then they switch from openclaw or some other bloated framework to hermes agent and the same model suddenly works. just clean tool calls and the agent doing the thing it was supposed to do. hermes agent is the best general purpose agent i have used in 2026. drives my single 3090 with qwen 3.6 27b dense q4, drives my dgx spark with nemotron omni q8, and the same harness handles coding, research, video editing, automation, anything you point it at. packed with skills out of the box (browser tools, code, github, jupyter, multimodal, more than i have used yet), full tool calling that holds across long sessions, persistent memory, sub agents. if you tried local ai once or twice and gave up because it felt half baked, the issue might not have been the model. it might have been the harness wrapping it. swap the harness, run the same model again, and watch what changes. hermes agent is the one i recommend to everyone running local. and especially to anyone who almost gave up on it.

Gives coding assistants skills to build AI agents github.com/google/agents-…