This year it happened. What started as a spare time hobby and fun project became a commercial product for the Offensive Security community. I founded a company, @MSecOps . And this company will sell a Packer to Red Teams or Pentesters. (1/x) 🔥.

RT @whokilleddb: Another hoontr find: tprtdll.dll (like so many others) exposes some Nt/Rtl/Zw functions. It doesn't redirect to ntdll, ins….

What do you want to know?.

RT @_dirkjan: It seems there now is a BOF implementation of ADSyncDecrypt to dump Entra ID connect creds 👀.

RT @TwoSevenOneT: Feeling too familiar with using Sysmon? You can use it for #redteam purposes by having it overwrite the #antimalware exec….

RT @DirectoryRanger: DLL ForwardSideloading.

RT @TwoSevenOneT: Proactively creating processes with Protected Process Light (PPL) protection will give you more opportunities to abuse th….

RT @Synacktiv: The GroupPolicyBackdoor tool, presented at #DEFCON 2025, is now available on Synacktiv's GitHub: Thi….

RT @CICADA8Research: Hi Friends! We continue our series of articles about RPC and impacket. In the second part, we looked at tools that can….

RT @RedTeamPT: @SpecterOps found out that the EFS service (PetitPotam) can simply be activated by asking the endpoint mapper. Great researc….

RT @_dirkjan: If you didn't find my Black Hat / Def Con slides yet, they are available on . Also includes the demo….

RT @0xthirteen: I wanted to find out if you could start the WebClient service remotely, so I ended up digging into it .

RT @netbiosX: Lateral Movement as loggedon User via Speech Named Pipe COM & ISpeechNamedPipe + COM Hijacking by @ShitSecure .

RT @wil_fri3d: gpoParser, which I presented at #leHACK2025 and #DEFCON, is available here: It is a specialized util….

RT @_JohnHammond: For the life of me I can never remember the registry tweaks to avoid TPM checks when installing Win11 in a VM. I finally….

RT @eversinc33: As a little follow up, I wrote a small blog post/tutorial on how to reverse engineer windows drivers with IDA - this is aim….

For anyone using BRC4. My colleage @dis0rder_0x00 ported several BOFs to COFF format and we made a pull request to the official repo: 🔥🔥. Including:. AAD PRT.Get Azure Token.Multi RDP.PetitPotam.Session Enum.SelfDelete.Cookie Monster.SSPI UAC Bypass

RT @CICADA8Research: Hello, friends! We started writing a series of articles about Impacket. This will be useful if you have long wanted to….

Don't have the time and knowledge myself but also don't want to fully ignore this.

I have absolutely no clue on how to exploit driver vulnerabilities but found two (by default shipped with every Windows) potential arbitrary read/write vulnerabilities via fuzzing today. I was told it might take days to weaponize this. Whoever is interested might DM me. 🧐

Nice one 🙃☝️.

Because some C2’s are better for specific environments. e.g. sometimes .NET or NodeJS might be better. 🧐. Also you don’t want to get burned by core detections for some framework. If that happens in the middle of the project - you cannot do anything anymore. 👀.