Florian Hansemann
@CyberWarship
Followers: 85K, Following: 9K, Media: 9K, Statuses: 19K
Father, Founder @HanseSecure, Pentesting, Student, ExploitDev, Redteaming, InfoSec & CyberCyber; -- Mastodon: https://t.co/KFSKYUN98M
Munich, Germany
Joined January 2015
''yIKEs (WatchGuard Fireware OS IKEv2 Out-of-Bounds Write CVE-2025-9242)'' #infosec #pentest #redteam #blueteam
https://t.co/YkqCQ49cgA
labs.watchtowr.com
Note from editor: Before we begin, a big welcome to McCaulay Hudson, the newest member of the watchTowr Labs team with his inaugural blog post! Welcome to the mayhem, McCaulay! Today is the 8th of...
''Catching Credential Guard Off Guard - SpecterOps'' #infosec #pentest #redteam #blueteam
https://t.co/rsqqPCg8pE
specterops.io
Uncovering the protection mechanisms provided by modern Windows security features and identifying new methods for credential dumping.
''How to find RCE: A list of pathways and detection methods | @Bugcrowd'' #infosec #pentest #redteam #blueteam
https://t.co/sKY3565Amz
bugcrowd.com
Yeah, skydiving is cool I guess but… have you ever landed an RCE vulnerability in the wild? The dopamine rush is enough to silence imposter syndrome for a week. If you would like to experience this...
''Pwn2Own 2025: Pwning Lexmark's Postscript Processor - BoredPentester'' #infosec #pentest #redteam #blueteam
https://t.co/DiZ8rUQoYu
boredpentester.com
I spent the last few months researching Lexmark’s printer for this year’s Pwn2Own Ireland 2025. Unfortunately, my bug got patched out a week before the competition, so I thought it might be fun to...
''New CoPhish attack steals OAuth tokens via Copilot Studio agents'' #infosec #pentest #redteam #blueteam
https://t.co/aQvEuJwQsR
bleepingcomputer.com
A new phishing technique dubbed 'CoPhish' weaponizes Microsoft Copilot Studio agents to deliver fraudulent OAuth consent requests via legitimate and trusted Microsoft domains.
''GitHub - DarkCoderSc/OptixGate: Open-source multi-purpose remote access tool for Microsoft Windows'' #infosec #pentest #redteam #blueteam
https://t.co/rth8IOU6ZT
github.com
Open-source multi-purpose remote access tool for Microsoft Windows - DarkCoderSc/OptixGate
''Oops! It's a kernel stack use-after-free: Exploiting NVIDIA's GPU Linux drivers - Quarkslab's blog'' #infosec #pentest #redteam #blueteam
https://t.co/c02Uin1KR0
''Digging into Windows Defender Detection History (WDDH)'' #infosec #pentest #redteam #blueteam
https://t.co/ZQ30Pa6ERL
orangecyberdefense.com
Some Windows artefacts are well documented, others are not – like the WDDH. An analyst's guide to better understanding this security-relevant item.
''notes/How to Get Started In Vulnerability https://t.co/WcsdB7rU5d at main · udunadan/notes'' #infosec #pentest #redteam #blueteam
https://t.co/PWpGPwJjCm
github.com
Contribute to udunadan/notes development by creating an account on GitHub.
''Microsoft Windows Cloud Files Minifilter TOCTOU Privilege Escalation - Exodus Intelligence'' #infosec #pentest #redteam #blueteam
https://t.co/8vIjQgv5nj
blog.exodusintel.com
By Michele Campa Overview In this blog post we take a look at a race condition we found in Microsoft Windows Cloud Minifilter (i.e. cldflt.sys ) in March 2024. This vulnerability was patched in...
''CVE-2025-59287 WSUS Remote Code Execution'' #infosec #pentest #redteam #blueteam
https://t.co/eEaXqUI3ZK
hawktrace.com
A technical WSUS advisory for CVE-2025-59287: unsafe deserialization in Windows Server Update Services that allows remote code execution.
''Bootloader to Iris: A Security Teardown of a Hardware Wallet'' #infosec #pentest #redteam #blueteam
https://t.co/gud6MAwmmJ
hhj4ck.github.io
Recently, I got my hands on a hardware wallet that features iris recognition as a selling point. The novelty of the iris component sparked my curiosity, so I decided to take a deep dive into its...
''Decrypting credentials from SCCM site servers configured for high availability | IBM'' #infosec #pentest #redteam #blueteam
https://t.co/0xYuXKvc7N
ibm.com
Follow IBM X-Force as they work out the secrets to decrypting credentials vaulted by Microsoft’s System Center Configuration Manager (SCCM).
Many thanks for the exciting interview @benungeskriptet
"We broke into the data center in disguise" Trailer for the new {ungeskriptet} podcast episode with hacker Florian Hansemann @HanseSecure. The full episode is available this Wednesday at 6:00 p.m. on YouTube, Spotify, and wherever podcasts are available!
''Let’s Create Some Polymorphic PIC Shellcode!'' #infosec #pentest #redteam #blueteam
https://t.co/zpB2kWzrX0
g3tsyst3m.com
Alright I’ll admit I’m pretty pumped for today’s post 😸 Shellcode and x64 Assembly are one of my favorite topics to cover. I don’t know why, but something about assembly and shellcode fascinates me....
''North Korean Hackers Combine BeaverTail and OtterCookie into Advanced JS Malware'' #infosec #pentest #redteam #blueteam
https://t.co/d97MpDoKGc
thehackernews.com
OtterCookie v5 merges BeaverTail features with new keylogging and blockchain-based C2 tactics.
''Detecting Active Directory Password-Spraying with a Honeypot Account'' #infosec #pentest #redteam #blueteam
https://t.co/5pV9DORXMc
trustedsec.com
''A Story About Bypassing Air Canada's In-flight Network Restrictions'' #infosec #pentest #redteam #blueteam
https://t.co/16UX0nNCFl
ramsayleung.github.io
1 Prologue A while ago, I took a flight from Canada back to Hong Kong - about 12 hours in total with Air Canada. Interestingly, the plane actually had WiFi: However, the WiFi had restrictions. For...