Ex Android Dev

@vxunderground @mrgretzky Comment

Giveaway. @mrgretzky is sponsoring 12 vouchers for the "Evilginx Mastery" course thingie from Breakdev Academy Leave a comment below for a chance to win. Pic unrelated

@vxunderground @mrd0x @MalDevAcademy Comment

Giveaway. Thank you @mrd0x for sponsoring this. We've got FIVE @MalDevAcademy vouchers. These vouchers are bundles. This vouchers give you: - Full access to malware source code database - Full access to malware development course Comment below for a chance to win.

@vxunderground @whid_ninja 👀

Hello, we're doing a giveaway because we missed 1 giveaway from December. Our friend @whid_ninja hooked us up with their Offensive Hardware Hacking Training course. This is self-paced and comes with an exam voucher. It also comes with a hardware hacking kit and other cool gadgets. Using this course requires you signing an NDA with WhidNinja, you have to pinky promise not to leak the material, or something. See subsequent post for more details. If you want to become a cool and badass hardware hacking nerd, leave a comment below for a chance to win. - Winners will be selected randomly in the next 24 hours. - We will DM winners. - If you do not confirm your win in 24 hours a new winner will be selected - If your DMs are closed, you automatically forfeit your prize

@vxunderground @AlteredSecurity 👀

Good morning, afternoon, or night. We're continuing giveaways. We're on number ??????? Our friends at @AlteredSecurity hooked us up with 5 vouchers for their Certified Red Team Professional course. See subsequent for course details. If you want to do cool red teaming hacker stuff, leave a comment below. - Winners will be selected randomly in the next 24 hours. - We will DM winners. - If you do not confirm your win in 24 hours a new winner will be selected - If your DMs are closed, you automatically forfeit your prize

🚨 If you haven’t tested your Microsoft 365 environment like an APT, the time is now! Introducing msInvader, an adversary simulation tool designed to emulate attack techniques within M365 and Azure environments. 🔑 Key Features: •Versatile Authentication Simulation: 🔄 Supports multiple OAuth flows to mimic various attack scenarios, including compromised user credentials and service principals. •Comprehensive Exchange Online Interaction: 📧 Engages with Exchange Online through Graph API, Exchange Web Services (EWS), and the REST API used by the Exchange Online PowerShell module. •Diverse Technique Simulation: 🎯 Capable of simulating techniques such as reading emails, searching mailboxes, creating rules, and more, providing a thorough assessment of your security posture. Enhance your detection capabilities by simulating real-world attacks with msInvader. 🛡️ Check it out here: github.com/mvelazc0/msInv…

@vxunderground @cyberwarfarelab 👀

Hi, it's giveaway number ??? (we're almost half way there) Our friends at @cyberwarfarelab hooked us up with 5 vouchers for their Certified Exploit Development Professional course. If you wanna learn about about exploit development, leave a comment below. - Winners will be selected randomly in the next 24 hours. - We will DM winners. - If you do not confirm your win in 24 hours a new winner will be selected - If your DMs are closed, you automatically forfeit your prize Have a nice day

At #Pwn2Own Ireland, our team successfully exploited vulnerabilities in the Lorex 2K Indoor WiFi Camera. Check out our blog for the full technical breakdown: blog.infosectcbr.com.au/2024/12/exploi…

@vxunderground @MalDevAcademy 👀

Hi, it's tuts-for-nerds giveaway ??? (lost track of giveaways) Our friends at @MalDevAcademy hooked us up with x3 lifetime access plans and x3 database access plans Thank you, mr.d0x and friends for hooking us up and supporting our giveaways. If you'd like to learn about malware development, leave a comment below - Winners will be selected randomly in the next 24 hours. - We will DM winners. - If you do not confirm your win in 24 hours a new winner will be selected - If your DMs are closed, you automatically forfeit your prize Have a nice day

Today James Forshaw (@tiraniddo) did a quick assessment on the new Windows 11 Sudo.exe. Despite his quick assessment, the blog post is wonderful. It is an excellent read. We recommend it:) tl;dr fancier ShellExecute 😭 tiraniddo.dev/2024/02/sudo-o…

Do you want to start the RemoteRegistry service without Admin privileges? Just write into the "winreg" named pipe 👇

@sertzoff You are welcome. I'm glad it was helpful.

@ExAndroidDev Thanks for your write-up on phishing with a fake meeting invite! We've had something like that reported by a user today and it was helpful to understand how it works.

🚨 Beware, Mac users! MetaStealer, a new info-stealer #malware, is targeting #macOS. Learn how it's posing as prospective clients to trick victims into launching malicious payloads. Learn more: thehackernews.com/2023/09/beware… #cybersecurity #hacking

Zero-click iOS exploits (@citizenlab), in-the-wild Chrome 0day, physical/mobile RE writeup (@elttam), Linux LPE (@SidewayRE), and more! blog.badsectorlabs.com/last-week-in-s…

In our latest post, @breakfix details how we were able to publish a malicious VSCode extension to the marketplace and leverage it for initial access during a red team mdsec.co.uk/2023/08/levera… vimeo.com/853281700?shar…

Here is my #exploit and blog post for the VMWare Aria Operations for Networks which has CVSS 9.8 and targets all the versions from 6.0 to 6.10 (CVE-2023-34039) Apparently VMware forgot to regenerate their SSH keys 🔐 summoning.team/blog/vmware-vr…

Forget vulnerable drivers - Admin is all you need Article 👉 elastic.co/security-labs/… 👇 Demo - enable sound 🔊

Here is PoC for LPE in Windows Error Reporting Service CVE-2023-36874 github.com/Wh04m1001/CVE-…

If you need to get information on a GitHub account, You can try GitSint, which allows you to retrieve information on #github through username, email, and organization. github.com/N0rz3/GitSint @norze15 #OSINT #cli #tool #intelligence #infosec #CTI #ThreatIntel #cybersecurity

Big news! Someone finally noticed that if you hold down CTRL, the process list in Task Manager conveniently freezes so you can select rows without them jumping around. I did this so you could sort by CPU and other dynamic columns but then still be able to click stuff...

Really cool lists for hash cracking I just stumbled upon: github.com/kaonashi-passw…