0n3 (@0n315) · Followers 141 · Following 2K · Media 44 · Statuses 1K · Joined April 2020
Honored to make it onto Palo Alto’s Hall of Fame! Big thanks to their awesome security team. Full list here: https://t.co/tev4QrX9XL
#BugBounty
paloaltonetworks.com
Read this Security Researcher Acknowledgement to learn more about Security Researchers, Cloud Services, and Corporate Infrastructure.
Evade behavioral analysis by executing malicious code within trusted Microsoft call stacks, patchless hooking library IAT/EAT
github.com
Evade behavioral analysis by executing malicious code within trusted Microsoft call stacks, patchless hooking library IAT/EAT. - hwbp/LazyHook
PrivKit is now in its best version! Built by Red Team beasts, for Red Teamers! Huge shoutout to @nickvourd for completely overhauling PrivKit and turning it into a far more polished, battle-ready tool. https://t.co/tyqD5JhMc6
github.com
PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS. - mertdas/PrivKit
Demystifying and Bypassing ASR by Understanding the AV's Signatures https://t.co/TJLJf2nsHx
New Evil-WinRM version (3.8). Awesome work of @CyberVaca_ and others involved. Thanks to all who contributed. Cool changes including Kerberos stuff and more! Ruby gem is available now "gem install evil-winrm" to update it as always.😈 https://t.co/PEwvSTxt8p
#evilwinrm #hacking
github.com
The ultimate WinRM shell for hacking/pentesting. Contribute to Hackplayers/evil-winrm development by creating an account on GitHub.
Yay! Wyrm v0.6 is out! Super excited by this update which majorly features in-memory execution of dotnet binaries sent over HTTPS from the C2! Tested on Active Directory, with the C2 being on public infrastructure (aws t2.large CPU takes ~ 4 mins to build the agent). v0.6.1 has
smalidea-ng now supports line mapping between Smali and Java thanks to JADX. This also works while debugging of Smali code.
Today I share my first ever blogpost and give u another tool drop. I'll show you how to delegate your C2s HTTP-traffic to chromium-based browsers, using the Chrome DevTools Protocol. Blog: https://t.co/FOvN65z01S GitHub Repo with library for you to use:
github.com
Using Chromium-based browsers as a proxy for C2 traffic. - dis0rder0x00/stillepost
Malware on Steroids – Part 1: Simple CMD Reverse Shell TL;DR: in this post, we will be walking through a simple C/C++ based reverse CMD shell over TCP. https://t.co/QfwkXco14F
"Windows Inter Process Communication A Deep Dive Beyond the Surface - Part 7" #infosec #pentest #redteam #blueteam
https://t.co/oOfgpjyAG2
sud0ru.ghost.io
Welcome to the new part of the IPC series. This is the sixth part, about RPC, where we will talk about external tools you can use to conduct RPC research. To get good research results you need a good...
Our team discovered CVE-2025-13032, an LPE in the Avast sandbox driver! Read the story of a SYSTEM token heist involving a break-in and escape from the antivirus sandbox. Full details: https://t.co/UzxwvrT3C1
#CVE #LPE #Antivirus #KernelExploit #WindowsSecurity
safateam.com
Uncovering CVE-2025-13032: 4 kernel heap overflows in Avast Antivirus. Part 1 details the challenging sandbox manipulation of the $aswSnx$ kernel driver required to reach the vulnerability attack...
Quick update. We just added a new EDR vendor directory page to the platform. If you want a clean overview of who’s included and a preview of the comparison features, start here: https://t.co/WTzIFYkUZe You can also see the roadmap and the vendors that we are currently
Cobalt Strike - CDN / Reverse Proxy Setup TLDR: This post explains in detail how CDN can be used in conjunction with a C2-domain and Nginx as a reverse proxy in the context of Cobalt Strike for C2 communications. Blog: https://t.co/Rw1p3QeI0E
Cybersecurity is the only field where “nothing happened” is the success metric. If you do your job perfectly, the reward is silence and a budget cut next quarter.
Ghostwriter v6.1 is out! 🐕 Full BloodHound integration 📝 Collaborative project notes 📑 Improved caption editor 🌙 Dark mode support 🔐 SSO/MFA & usability upgrades @cmaddalena breaks down how 6.1 streamlines assessment + reporting. ⬇️
specterops.io
Ghostwriter v6.1 introduces a full-featured BloodHound integration that lets you import BloodHound data and findings directly within your projects, alongside new collaborative project notes, upgraded...
Malware Sideloading via MFC Satellite DLLs: https://t.co/kMcFN9mgiP This blog post describes a DLL sideloading technique that is used by Turla, BRONZE BUTLER and likely also other threat actors. This technique affects thousands of MFC applications.
r136a1.dev
Originally, this topic should be part of an analysis of Turla’s COM Kazuar loader, but I decided to write a blog post about this DLL sideloading in general instead. Turla uses this technique since ...
In a recent case, my teammate @mgreen27 analyzed several .NET in-memory payloads and discovered an X() function in one sample that performs DNS-based reconnaissance. It sends the host’s name to a designated DNS server, where the requests are logged and displayed on a web
Windows secrets extraction: a summary After compromising a Windows host and having obtained local admin privileges, secrets extraction is usually the first step performed to elevate privileges in the context of an ad domain or to perform lateral movements inside an internal