MuMu

vss-fr2system Two small tools that turn an arbitrary file read bug on Windows into a SYSTEM shell. vss_freeze/ — creates a Volume Shadow Copy as a standard user, then holds it open so you have time to read the SAM/SECURITY/SYSTEM hives out of it fr2system/ — takes the hives you copied out, decrypts the local NTLM hashes offline, and pops a SYSTEM shell Together with any arb-file-read primitive that runs as SYSTEM (or anything that can read out of \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopyN\...), this is a complete std-user to SYSTEM chain on a default Win10/Win11 box github.com/sailay1996/vss…

@AzakaSekai_ Wait, wut ?

IDA 9.3sp2 has been released. This update addresses... *reads notes* > idaclang: fixed an argument injection in CLANG_ARGV that could lead to arbitrary code execution when opening a malicious database oh

シナモンの父親は太陽、母親は空です。 mtbrs.net/ps_cinnamoroll…

酒

そういえばブログにしてなかったので書きました．久しぶりの新作です． はてなブログに投稿しました 実際に飛ぶドローン名刺を作ってみた - fumiLab fumimaker.net/entry/2026/04/… #はてなブログ

New Mimikatz Researchers took an old version of Mimikatz and taught it how to dump credentials from the latest operating systems! The research: @tanrikuluatahan/fixing-mimikatz-sekurlsa-logonpasswords-on-windows-11-24h2-25h2-253e82866197" target="_blank" rel="nofollow noopener">medium.com/@tanrikuluatah… The repo: github.com/tanrikuluataha… #redteam #pentesting

#Wanderer #HackTheBox Hacked Wanderer within 5 days Lots spray, weird automobile related techniques Actually not that hard, but some noises during forensic will make you wonder if that's useful or not Still learned something interesting Next: CAPE Certificate, or maybe RastaLab

Method name overlaps alongside other indicator overlaps, likely Lazarus-adjacent/UNC1069 once again based on prior Mandiant attribution. Unfortunately, this is about as far as the attribution chain goes, since the original WAVESHAPER used in the prior campaign is heavily packed, but based on the supply-chain-focused + macOS-specific payloads TTPs this seems to check out.

@AzakaSekai_ @feross Reverse Engineer stream comes back ?

guys the week just started

@popcorn03062006 剛準備確認 ID，笑死

怕有人誤會認錯人 先說我跟他是兩個不同人 沒有任何關聯 @ntc_corn/post/DWdx5O3CepS?xmt=AQF05I1qCjUSr63vFP5OPloe6ehHcNcEgvQwxTifzQjUdt189CXDXopY7-Sy9Fmw44CyR5M&slof=1" target="_blank" rel="nofollow noopener">threads.com/@ntc_corn/post…

They're using a new OLLVM obfuscator in this newer build - or at least with different functionalities enabled. My config parser's still got it though :)

- Learning HTB CAPE with 40% percent (probably finished academy in half month) - Ready to play some prolabs - Play some sherlocks and learn new things from Blue Team tools - Enhance network technologies - Move to new home - Adjusting to the macOS workflow

This is how it looks like right now after 3 almost 4 months learning (Without greet dot Image types) What I learned and things done during the period - About 10 machine boxes and I finished Eloquia insane box by myself - Try auto-deployment tools - Enhance my poor english

#DEVCORE Pwn2Own and React2Shell agendas are impressive

#Zer0Con2026 - SPEAKER 🎃 Pumpkin Chang(@u1f383) from DEVCORE - “Modern Android Kernel Exploitation Through a Mali Driver Vulnerability” For more: zer0con.org

@ProbiusOfficial CTF 已經在屬於 Hacker 的遊戲這條路上越走越遠了

昨天和某联队的招新负责人聊天，了解到新生赛榜单全是ai agent和ai解题搞出来的好看数据， 真正的小登要么已经被ai调教地阿巴阿巴了， 要么已经被ai榜单剥夺了学习的正反馈和成就感。 负责的师傅之前是抢着去面试新人的，现在都觉得面试非常痛苦，不想去。 ai真是太好用了，你知道么。

new kid coming to reverse engineering town…his name is Snowball 🐇

@323Mizumi_Bee wolframalpha.com/input?i=%28x%5…

ʜᴀ͟ᴘ͟ᴘ͟ʏ ᴠᴀʟᴇɴᴛɪɴᴇ's ᴅᴀʏ̆̈ 🐝: (x^2+y^2-1)^3=x^2y^3 這個數學題你解一下 👨‍🦱直男 : 我找一下筆跟紙 有沒有原題 這樣打我不確定次方到哪 🐝❓ 臭直男 🙄 又難得做了張圖 uwu 🫶 #嗡嗡作響 #情人節快樂

@998rrr_ @a24098030 又在黑

我到底都把學到的技能用到什麼東西上了...... 情人...節快樂...