NightWolf

@HackingLZ Just don't go to Blackhat then. 🧠

I really want to publish some research but at the same time don’t want to get beat up by EDR vendors at Blackhat

@lauriewired The little engine that could. :-)

I promise this relates to RAM (you'll find out in my next video)

#flareon12 is coming in hot and fast this year and will only run for 4 weeks this year instead of the usual 6. Don't miss it! flare-on.com

@phrack @defcon @richinseattle @netspooky @chompie1337 I've been waiting to see this posted!

Did you miss our @defcon panel this year? It's hacker history storytime hosted by @richinseattle @netspooky @chompie1337 with special guests! Check it out: youtube.com/watch?v=TW-D1I…

Google CTF will start in less than 48h from now. Make sure not to miss the great challenges we've prepared this year!! Can't describe how exicted I am for it 😶

@_JohnHammond @BSidesTampa Excellent! I've been looking forward to this!

Big thanks to @BSidesTampa for the keynote opportunity 💙 Video recording is available now :) youtu.be/PhbD-VpZTwc?si…

@perribus Awesome talk! It was supper neat to see your approach for both working on the vulnerability directly and not arguing with the LLM that didn't want to help. :-)

Back in 2023, the assessment of the pre-authentication vulnerability in SSH was that it wasn't exploitable on Linux. For my OffensiveCon 2025 keynote, I wrote enough of an exploit to show, with the right heap groom and stabilization, it's likely exploitable. Then I tried to have AI do it. Up to @taviso whether that merits switching to Windows 98 :) youtube.com/watch?v=Y1naY3…

@rootsecdev Probably true. But it makes me laugh every time regardless.

probably a loaded question

It is a lot of fun seeing the First Bloods channel fill up for #NahamCon2024 CTF now that the game is running -- get your own team name up there! jh.live/nahamcon-ctf (5/23-5/25)

There is now a publicly available proof of concept and active exploitation for the ScreenConnect vulnerability. All bets are off... Know that exploitation will nuke current user accounts on the system!

.@HuntressLabs security researchers have successfully created an exploit for #ScreenConnect <=23.9.7. We're being purposely tight-lipped but 100% agree w/@ConnectWise’s 10 CVSS score. Can confirm server-side #RCE w/ability to pivot to endpoints. PATCH NOW. connectwise.com/company/trust/…

@chompie1337 @FuzzySec Huzzah! I've been waiting for this to be up.

Rootkits, keyloggers, and DKOM (oh my!). The video is finally up for @FuzzySec and I’s BlackHat talk: Close encounters of the advanced persistent kind: Leveraging rootkits for post-exploitation. Check it out ☺️ youtu.be/t7Rx3crobZU?si…

I try an avoid this hellsite, but I did a quick dive into sudo in Windows and here are my initial findings. tiraniddo.dev/2024/02/sudo-o… The main take away is, writing Rust won't save you from logical bugs :)

The Okta hack that keeps on giving! Cloudflare announced a new data breach today in it's continued battle against creds stolen during a previous Okta hack Let's dig in:

@_JohnHammond Congratulations! It's been an awesome journey to watch. I think you got the haircut figured out eventually. 😉

This is a long and sappy post, so please bear with me. But it's a very personal trip down memory lane, and a celebration of the big "one million." ❤️

𝗧𝗵𝗮𝗻𝗸 𝘆𝗼𝘂. 🙂

There are some excellent challenges in the pool. Come check it out!

@vxunderground @CERT_Polska_en @hatching_io 👀That sounds worth a look.

We're gifting 3 people access to our private malware database *Work in progress, not entire VXUG collection *Searchable by hash, tag, etc. *IOCs extracted from (some) binaries Specials thanks to @CERT_Polska_en & @hatching_io for the help! Comment for a chance to get access:)

@0x1h3r @_JohnHammond @optionalctf Read the "How to Register" page on the right sidebar. It has more information.

Coming in hot, this time without our accounts being yeeted into one :D

@z3ro_daze @_JohnHammond Check the "How To Register" page. There are further directions there.

pssst... registration for #hacktivitycon2021 CTF is finally open and online. go do it. plz retweet for visibility cuz the game in A WEEEEEKKKK ctf.hacktivitycon.com September 16 - September 18!

Hypeee, registration for Hacktivitycon 2021 ctf (ctf.hacktivitycon.com) is up, Get registered because it's gonna be awesome. #hacktivitycon2021 #ctf #ctf4hire