Today I'm releasing Xenon, a custom Mythic agent for Windows targets written in C. Notable features include: 📁 Modular command/code inclusion 🦠 Malleable C2 Profile support 🪨 Compatible with Cobalt Strike BOFs https://t.co/oiKbSpwA7A Blog series - https://t.co/o3QLbHyzzt

We are extra thankful for our incredible lineup of Year 1 Sponsors for DistrictCon! https://t.co/C9e81D47NE

Back in May our team discovered a vulnerability in Netgear routers. Check out the writeup here:

Last year I wrote about an attack path I executed on a real engagement. Compromised a self-hosted GitLab runner which lead to pwning every EC2 in their AWS account via SSM permissions. Check out the blog post here 👉

The sample is currently 22/72 vendors on VT https://t.co/qOHVGEY85D

Multiple subdomains are hosting the phishing page which is masquerading as a Chrome browser extension. h[x] [x]pps://www.arcane0x0.exchange/ h[x] [x] ps://googlechromestore.arcane0x0.exchange/

The Mythic family continues to grow! Another cool Windows agent written in C that already has COFF execution! Be sure to check it out and their blog series on it https://t.co/XFhyeyaEWn

this.

I've made some long awaited updates to SQLRecon! Here's a couple of videos highlighting some of the big additions. Tool: https://t.co/lACpTXx94o Check out this thread ⬇️

In Havoc 0.6 hardware breakpoints are going to be utilized to patch Amsi/Etw and manipulate the behavior of AmsiScanBuffer/NtTraceEvent. I wrote an entire Hardware breakpoint engine from scratch (based on @rad9800's hwbp4mw engine) No more memory patching to bypass Amsi/Etw

my Monday brain is stuck on this timeline 😵 'The threat actor acted upon the access 1️⃣1️⃣ days later..."

CVE-2023-29357: Privilege Escalation with Microsoft SharePoint Server PoC + Exploit

Our EXE loader is now available to everyone on GitHub: https://t.co/jMwluAqnw3 We'll be uploading more repositories on our GitHub in the future.

Material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low" https://t.co/nEJAuwElb2 #redteam

🔴📌Checkout this video feat. @RedTeamVillage_’s very own @lazzslayer & @pwnEIP to learn more about this year’s workshop process. 🤖

Come stop by my workshop on DLL sideloading with @turbo_sec at Defcon 2023

Analysis of CVE-2023-3519 in #Citrix ADC and NetScaler Gateway (part 1 and part 2) // by @assetnote Vendors are really not doing a favor to defenders by keeping #vulnerability details from them… https://t.co/5SmbHHrjFr https://t.co/jwUbEQB7rt

🚨We found adversarial suffixes that completely circumvent the alignment of open source LLMs. More concerningly, the same prompts transfer to ChatGPT, Claude, Bard, and LLaMA-2…🧵 Website: https://t.co/ja2FPw9aad Paper: https://t.co/1q4fzjJSyZ

Here comes a new blog, In this one I've uncovered a new underground info stealer type malware "KrakenKeylogger". The blog will cover the Phishing campaign alongside with the execution chain, loader and injection process and overview of the malware capabilities (with some quick