hdks

We discovered an interesting code injection vulnerability, CVE-2025-3248, affecting #Langflow, a popular agentic AI workflow tool. This enables unauthenticated attackers to fully compromise Langflow servers. horizon3.ai/attack-researc…

I recently published Living Off The Land Payload Generator (LOLGEN). This site generates commands tailored to specific purposes, referencing sources like LOLBAS, and supports Windows red teaming. lolgen.hdks.org

I've added a selector feature for common exploits to the Exploit Notes (exploit-notes.hdks.org) and the design has bee updated.

I'm recently focusing on learning red teaming and developing a C2 framework called Hermit (github.com/hideckies/herm…), and a bit of AI.

🚨 #CyberAttack 🚨 🇧🇷 #Brazil: Salton, a famous Brazilian winery, has been listed as a victim by the Akira ransomware group. The hackers allegedly exfiltrated 30 GB of HR files, employees’ personal data, agreements, contracts, financial data, etc. Salton is recognized as one of the main Brazilian wineries, leader in the commercialization of national sparkling wines in Brazil. #Ransomware

Parrot 6.1 has taken off 🚀 If you want to discover more about this new version, click here 👉🏼 parrotsec.org/blog/2024-06-0… #ParrotSec #ParrotOS #CyberSecurity #CybersecurityNews #Hacking #PenTest #Pentesting #linux #linuxdistro

Security Links now displays a news feed collected from the RSS of various awesome websites. security-links.hdks.org

@LunacySoft 🙏🙏

@hideckies nice site!

I've updated the exploit-notes.hdks.org design🔥

🚨 I'm super excited to announce the project I've been pouring all of my free time into this past month. The Kubenomicon: An open source offensive security focused threat matrix for kubernetes with an emphasis on walking through how to exploit each attack. Get more info below!

🚀Open Source Surveillance now offers Face Recognition Search! Easily locate and track people's appearances across the internet and social media. Register on os-surveillance.io #facerecognition #osint #intelligence #privacy #infosec #SmartCity #surveillance

@0xclient Oh thank! I'll fix it in the next update.

@hideckies Quick typo in exploit-notes.hdks.org/exploit/window… "powershlel" -> "powershell" 👍

GitHub - Geeoon/DNS-Tunnel-Keylogger: Keylogging server and client that uses DNS tunneling/exfiltration to transmit keystrokes. github.com/Geeoon/DNS-Tun…

Parrot 6 is officially out 🔥 If you want to discover more about this new version, click here 👉🏼 parrotsec.org/blog/2024-01-2… #ParrotSec #ParrotOS #CyberSecurity #CybersecurityNews #Hacking #PenTest #Pentesting #linux #linuxdistro

I changed the subdomain for some reason.. security-links.hdks.org

My first time for using Astro framework and made curated list of links for cybersecurity. theoffseclibrary.hdks.org

Hey, Hackers 👋🏻 CrackMapExec is no longer maintained. You can try NetExec - The Network Execution Tool github.com/Pennyw0rth/Net… #cybersecurity #Pentesting #Hacking #infosec #cybersecuritytips #redteam #coding #vulnerabilities #BugBounty #CyberSecurityAwareness

New site is live 🫡 vx-underground.org

*Eye twitch*

This is a pretty nice graphic explaining how Kerberos Auth takes place. Useful to have as a reference when you have to explain and visualize attacks such as Pass The Ticket, Kerberoasting and AS-REP Roasting. Credit: @0xNarek 🙏🙏

I'm creating a toy CLI tool to fool AI/ML models for understanding AI security. Currently only for image classification models. github.com/hideckies/fool…