Sam

Dusk (Zelda: Twilight Princess decomp port) out for PC/Steam Deck/Android/iOS youtube.com/watch?v=t9fQ4Z… twilitrealm.dev -Enhanced res -Uncap framerate -Gyro Aim -QoL -Achievements & More

‘I feel everything’ Embroidery on cotton & velvet.

Another zero day exploit released by some nerd (can't remember name right now) because they're annoyed with Microsoft. It's been confirmed by other nerds. It is yet another legit zero day. Whew. github.com/Nightmare-Ecli…

Neat hxr1.ghost.io/abusing-winml-…

iOS and macOS decompiler for IPA files github.com/LaurieWired/Ma…

I was bored last weekend and built an Active Directory vulnerability scanner that will remain 100% free, forever. I've tested it as much as I can locally and would love to see some other folks get hands on. I call it ADPulse. github.com/dievus/ADPulse

Today is my last day at @OrangeCyberUK after nearly 9 years, having been a part of the @sensepost team was a privilege, some of the very best people and really encompassed the hacker ethos and sense of community. Off to road trip New Zealand for 3 weeks then back to hacking!

You require more passwords 👾 . Finally, released breach.txt, a wordlist built from real-world passwords found in breaches, forum dumps, leaked logs, and other "sources". weakpass.com/wordlists/brea… Will try to keep it up-to-date, at least for some time 😀 #infosec

@wildfirescrolls Enjoy! It was one of my favourite films last year, those pair can act!

NTLM reflection attacks can be used to compromise Active Directory domains even with SMB signing if systems aren’t fully patched depthsecurity.com/blog/using-ntl…

InterceptSuite: MITM proxy for IoT devices, thick clients, and real-time applications GitHub: github.com/InterceptSuite…

My Christmas ornaments are officially ready to find their homes, thank you so much again for all your lovely messages & so much interest! There are only 10 of these available ♥️

I said I was leaving here for good but guess not! Hello! I’m back! I’m Em, a traditional craft embroidery & fibre artist from England! Here’s my recent collection- ‘Roots’, a collection of longing for home, community & somewhere to call your own.

Tools such as PsExec.py from Impacket are usually flagged for lateral movement due to the pre-built service executable that is dropped on the remote system. However, some vendors also flag Impacket based on its behaviour. With RustPack, you can easily create service executables that won't be detected by signatures or behaviour-based detection. 😎 In this demo video, an unsigned service executable is generated. This will only fire the payload on a system with the hostname 'Win11' — environmental keying will prevent the payload from showing up in a sandbox or cloud analysis. To avoid Impacket detection, we drop and execute the binary via the recently released Titanis protocol library from @TrustedSec: github.com/trustedsec/Tit…. The result is an Adaptix C2 connection in the SYSTEM context. 🫡 #Pentest #RedTeam #Malware #OST

The UK is demanding another backdoor in Apple’s encryption. ft.com/content/d101fd…

Say what you like about Banksy, but with these two pictures, he's managed to sum up the attitude of 'British democracy' to free speech when it comes to Israel and the genocide in Gaza. Trotsky once said that art must tell the truth. I'd say he's met that standard.

Added a new tool to: powershellforhackers.com/tools/revshell/ ⚠️Please Use Responsibly⚠️ You can use this to instantly generate an obfuscated reverse shell in powershell that i have personally used to beat EVERY single EDR out there right now. I've added some pretty cool stuff to my website but this is one of my favorite additions. 🛑 Disclaimer: This tool is for educational and authorized security testing only. Misuse could be illegal. Don’t be dumb. Shoutout to the only ones that were actually able to stop it, using something called "ring fencing" @ThreatLocker This is not a sponsored post, just a fan of them #Edr_Is_Not_Enough

A researcher published a Burp Suite extension that automates LinkedIn profile extraction for reconnaissance activities. LinkedIntel operates as a proxy-based tool that monitors LinkedIn's GraphQL endpoints to harvest profile information including full names, job titles, locations, and premium status indicators. 📍 "The extension monitors LinkedIn's GraphQL endpoints: /voyager/api/graphql and /voyager/api/search" 📍 "Auto-extract profiles while you browse LinkedIn through Burp's proxy" 📍 "Profiles get saved as CSV files with timestamps for records" The tool demonstrates how social media platforms remain valuable intelligence sources. The automated extraction capability highlights the persistent challenge of balancing platform openness with privacy protection in professional networking environments. Organizations should consider the reconnaissance potential of their employees' LinkedIn profiles when developing security awareness programs. Source: github.com/two06/LinkedIn…

Created small tool that joins a device to a Tailscale network and exposes a local SOCKS proxy. It’s built for red team pivots and quick access into (restricted) environments. The underlying tsnet library is currently Go-only, so it's semi-portable for now. github.com/Yeeb1/SockTail

I’ve put everything up a bit early! So it’s all available now, thank you so much if you choose to support me & my artwork this month- I’m so grateful ♥️