🧐 Want to perform a Dependency Confusion attack? Try searching for the following files. I wonder if I was able to collect a complete list of potential dependency files? Do you know any others?.

Hi Friends! We continue our series of articles about RPC and impacket. In the second part, we looked at tools that can be used to analyze RPC servers, and also examined RPC security issues : ).

Hello, friends! We started writing a series of articles about Impacket. This will be useful if you have long wanted to understand this tool and create your own tools for Coerce, Lateral Movement and other RPC Abuse :).

Read our new article about privilege escalation via SymLinks! You will learn how to abuse arbitrary deletion, copying, overwriting, we will show you a couple of tricks and teach you a new interesting way to bypass UAC :).

Hi friends! We would like to share with you our new article in which we look at various non-standard ways to use ADCS certificates in Windows AD 🧐.

Hello friends! There is a lot of information about Kerberos Relay out and it is easy to get confused! That's why we have created a small MindMap to help you understand Kerberos Relay. U can find PDF/HTML/PNG version here:.

Hi friends, Recently @mansk1es presented his research about LPE in AnyDesk (CVE-2024-12754). Our team developed a POC on this vulnerability😀. Check it here:.

▎SpyWare 2.0 🔍. Read our new research and learn about MS UIA technology. You will explore the depths of COM, graphical elements in Windows and spy on WhatsApp, Telegram, Slack, and Keepass. 🕵️‍♂️💻. Tool:.

Rogue OpenVpn and WireGuard! 🧭. Still sending docm macros? Reconsider your phishing scripts! Send openvpn and wireguard configurations! U can easily achieve command exec using VPN : ). Examples here:.

Hello everyone! Our team loves everything related to LPE exploits. However, there is no publicly available list on the web with fresh LPE exploits (2023-2024) for Windows. However, we do have such a list. And we are sharing it with you!.

Hi! We'd like to share our new research with you. You've probably heard about COM Hijacking, but we've found another way of persistence via COM. Typelib! Read the article here:.

Do you want to start researching COM? We've created a set of tools to make it easy to find LPEs via COM in Windows!. Check it here:.

Our new article about privilege escalation via vulnerable MSI files. All roads lead to NT AUTHORIRTY\SYSTEM :).

Hi friends, we felt that the topic of in-memory payload execution was not covered enough, so we've collected our own notes and hacks that we use on pentests to execute in-memory (reflective) payloads. Enjoy reading!.

Process Injection is Dead. Long Live IHxHelpPaneServer . How can a user's session be abused without process injection, remotekrbrelay, tgsthief?. Read it in our new article:. POC:.

New article posted! 😀. From HTTP to RCE. How to leave backdoor in IIS . Read it here:.

Hi friends, this is the CICADA8 research department's Twitter account. Here we will share our articles and tools for penetration testing.