drm

Choose your poison 🦋 bsky.app/profile/lowerc… 🐘 @drm" target="_blank" rel="nofollow noopener">mastodon.social/@drm (still posting here too)

Please, be advised that someone is using a forked repo of my KingCastle python script to spread LUA malware. What a time to be alive. User: Ramdhankola Repo: KingCastle 🌻

Two more zerodays - deadeclipse666.blogspot.com/2026/05/two-mo…

@SipeedIO Will it be open sourced ?

#SLogic support #ngscopeclient now~ Try it now: wiki.sipeed.com/hardware/zh/lo…

Asked Claude to code a small site for the @NoobieDog repo about TPM sniffing. It was a fun exercice (even with a free tier claude account haha). vmk.lol

Dell Pro 14 Plus - PB14250: VMK sniffed on the WSON flash (UC2) hidden under the anti static (?) sticker.

Dell Pro 16 Plus - PB16250: TPM (green square, U712) and BIOS (red square, UH8) are on the back of the motherboard. But it boots on a desk!

Recently sniff a SPI bus for the first time (with and without PIN) on a Lenovo T470. It's quite fun, event with a DSLogic! s/o @en4rab for SPITkey.

In our latest post, researcher @craigsblackie documents attacks against the Dell UEFI firmware that enable DMA attacks against TPM-only bitlockered devices mdsec.co.uk/2026/03/disabl…

A private @Burp_Suite Collaborator instance is an essential for pentesting sensitive environments, but managing TLS for it can be a pain. Today we release a Certbot plugin that automates Let’s Encrypt wildcard certificate renewals for private instances. github.com/AlmondOffSec/c…

Based on prior research by @Jonas_B_K, @harmj0y, @PyroTek3, @_dirkjan, @gentilkiwi and prior work from @SAERXCIT and many impacket contributors!

@vendetce No, problem, it's nothing fancy, but it helps (me, at least 🙂)

@lowercase_drm Cool, thanks

I was bored to type the same commands each time I started a new internal pentest. So here comes KingCastle. This script does not perform any attacks, consider it as a cheat sheet, to quickly see low hanging fruits. github.com/ThePirateWhoSm…

@GiliYankovitch 🏅

@lowercase_drm Awesome! Have fun tinkering with it! 😊

The Sword made its way to France 🗡️ @GiliYankovitch

@andrewdanis Good catch, thanks

@lowercase_drm tweet is easier than opening a github issue, but looks like line 102 has a typo "dnshostame" which causes the script to fail

Team member @sigabrt9 was able to bypass Apache FOP Postscript escaping to reach GhostScript engine. offsec.almond.consulting/bypassing-apac…

@al3x_n3ff @Defte_ I have just experienced that behavior with a STATUS_PASSWORD_EXPIRED error

@Defte_ I have experienced that wrong credentials result in these timeouts, correct credentials still work as expected with NTLM. In your case there might be a bug with the long username? If anyone knows the reason for these timeouts please share your knowledge✌️

Anyone know wtf is happening ? Authenticating via NTLM on DC2025 seems a bit broken while working completely fine with Kerberos:

@en4rab @SipeedIO Nice hardware but sigrok can't handle a 15s capture at 800Mhz without crashing and it is barely usable at 400Mhz... I used the plugin from DSview (github.com/DreamSourceLab…), do you know a better one?

I finally tested the @SipeedIO SLogic16U3 with TPM sniffing. Their build of sigrok doesnt have Ghecko's plugin included but it is simple to add. I had some issues with it not liking my usb-c port but I got a trace and found out my sigrok2pcap script was rubbish and needed fixing

Team member @myst404_ identified a privilege escalation in WAPT caused by a DLL hijacking issue, which was promptly fixed by the vendor. Patched in version 2.6.1. Changelog: #wapt-2-6-1-17705-2026-02-04" target="_blank" rel="nofollow noopener">wapt.fr/fr/doc/wapt-ch…

@GiliYankovitch Can't wait to receive it! What about the ENIG coating version for the golden challenge winners?

The Sword of Secrets is shipping worldwide ⚔️ What started as a small hardware CTF turned into PCB spins, custom jigs, packaging chaos, and 250 units doing a surprise customs round trip. Every sword made it back. Now they’re finally on their way. Worth it. #Hardware #Embedded

Merged in main 🎉 Happy hacking!