inbits

Introducing Havoc Professional: A Lethal Presence We’re excited to share a first look at Havoc Professional, a next-generation, highly modular Command and Control framework, and Kaine-kit our fully Position Independent Code agent engineered for stealth! infinitycurve.org/blog/introduct…

Managed to pick up my first CVE recently, in a Netskope driver. Simple bug but learnt a lot in the process. Hopefully many more to come this year! inbits-sec.com/posts/cve-2024…

@vxunderground @whid_ninja 🥷

Our friend @whid_ninja hooked us up with a Hardware Hacking Offensive Security training + exam. It comes with a bunch of super cool tools too =D *Winner must disclose their home address to receive the package in the mail Comment below to win:) Course: whid.ninja/store/product/…

@vxunderground @werupz This looks sick!

For Black Mass Volume II we spent an extra shiny penny, from our own pockets, to hire an artist who is an illustrator for Magic: The Gathering, Mythgard Tcg, Hit PointPress, Adi Shankar/Netflix, Legendary Games, and more. Thanks to @werupz for the amazing work.

@C5pider thanks man! 🙏

@inbits_sec nice work 🔥🤘

Wrote a tool a few weeks ago to obfuscate a payload in a generated CSS file. Started off my career as a frontend dev - it's been years since i've looked properly at CSS and I can't say it was a happy reunion 😂 inbits-sec.com/posts/new-tool…

@0xTriboulet @KevinNaughtonJr It's a treadmill!

@KevinNaughtonJr Homie doesn’t even have a chair

"i need 3 monitors" "i need a mechanical keyboard" "i need noise cancelling headphones" Linus Torvalds, creator of the Linux operating system's, setup:

@vxunderground Rootkits and Bootkits 🫚👢

Due to the increasing number of sponsors, and monthly donors, we have some money for a giveaway. - The Art of Mac Malware - Rootkits and Bootkits - The Giant Black Book of Computer Viruses Comment which book you'd like to receive! * Winners will be DM'd. If you do not reply in 24 hours you will forfeit your win and a new winner will be selected. * A physical address must be supplied, failure to provide a valid shipping address will result in a forfeiture of your prize. * We will send the book anywhere in the world, as long as the destination country is not sanctioned (sorry North Korea). * Prize winners will be selected September 6th, 2023.

Started using a separate rig for maldev/lab stuff to keep it separate from the gaming one and all that's really happened is I've ended up convincing myself I need to buy a whole new set of nice peripherals

Wrote up a post on some experiments #unhooking Falcon without using VirtualProtect: inbits-sec.com/posts/in-memor…

@Securityblog @vxunderground Yep it’s here amazon.co.uk/dp/B0BM4BMD53/…

@vxunderground Not available on Amazon uk?

You can now buy vx-underground Blackmass Volume 1. on Amazon in paperback form. The book is $8. 😎👍 amazon.com/dp/B0BM4BMD53

AES decryption using the Cryptography API: Next Generation (CNG) instead of the CryptoAPI. gist.github.com/inb1ts/e9aaa38…

Been devouring the @SEKTOR7net maldev courses over the last few weeks. Wanted to build some other foundations before hitting maldev (OSCP/doing more C/bit of RE). Loving it now I’m here.

4. With Kernel debugging enabled, you can actually run ntsd.exe without it spawning a new window at all by using the -d flag. This sends all debugger output to a non-existent kernel debugger): ntsd.exe -d -cf C:\Tools\x64_calc.wds -o notepad.exe

3. Ntsd.exe is identical to cdb.exe except that it launches a new console window. It seems to be mentioned less frequently as a LOLbin that cdb.exe (it's not listed on lolbas-project.github.io/# for example). Presuming this is because the extra window is less stealthy?

Been playing with using cbd.exe for execution after the @SentinelOne Metador report. @mrd0x has a great overview of some of the offsec capabilities, building on Matt Graber's work. Found a few possibly useless additions that I haven't seen mentioned elsewhere.