Bad Sector Labs
@badsectorlabs
Followers
8K
Following
699
Media
72
Statuses
946
Cybersecurity news, techniques, exploits, and tools every week at https://t.co/UgKmeEEjIV 🐘 @[email protected]
Joined November 2011
Stop testing in prod (even someone else's)! Are you tired of installing Active Directory on your test VMs for the 100th time? Ever YOLO a binary off GitHub into prod because your testing setup is tedious? I've built a solution: https://t.co/HvzjwZLiwr (1/5)
ludus.cloud
The easiest way to deploy cybersecurity infrastructure
13
74
191
Thanks to the community for sharing your work! Follow along @badsectorlabs @lastweekinfosec, 🦋 (@ badsectorlabs. com), 🐘 (@ badsectorlabs.@ infosec. exchange) sign up for the email newsletter at https://t.co/xdz8iguwPR or subscribe to the RSS feed at
0
0
11
Tired of chasing every new ticker on X? Build a balanced Altcoin portfolio that survives red days too. Checkout how!
0
1
7
We published 44 editions of Last Week in Security in 2025, the best technical cybersecurity newsletter. We sifted through the noise (without AI!) to deliver: 📰 179 News Stories 🧠 407 Techniques & Write-ups 🛠️ 438 Tools & Exploits 👀 51 New X Accounts & 37 New Blogs followed
3
8
58
This edition is full of solid write-ups and tools!
SCOM lab (@synzack21), WatchGuard RCE (@_mccaulay), Clickjacking with SVGs (@rebane2001), macOS LPE (@theevilbit), and more!
0
0
9
SCOM is one of the most deployed, but least researched, System Center products. @synzack21 breaks down how it works + how to build a lab to test new tradecraft.
specterops.io
Yet another System Center Ludus configuration for your collection. https://github.com/Synzack/ludus_scom
1
46
103
Beyviel David and BloodHound🤝 Ludus If you're at BHEU, this will be a good one!
Generic AD labs don’t cut it. Stop by @bagelByt3s' #BHEU Arsenal session and hear about LudusHound, a tool that rebuilds real-world AD environments using actual BloodHound data. Learn more 👉 https://t.co/HyDGactVVq
0
5
17
🚀 OSWatcher v0.3 1⃣ Explore Windows evolution from Win95 ➡️ Win11-24H2 (with updates !) 2⃣ Registry explorer File download is disabled, for obvious reasons. ⭐ Feedback welcome! ➡️ https://t.co/PeWLVBR60x
🚀 OSWatcher v0.2 ✨ Real git log graph for OS snapshots ⚡ Live filesystem search with streaming results Demo: Search "systemd" across 20 years of Ubuntu history and watch 779 results stream in real-time 👇 ➡️ https://t.co/PeWLVBR60x 👉 Use "CTRL+K" as shortcut
3
8
25
Some great answers in this AMA but this is my favorite ☺️
Our Targeted Operations experts @curi0usJack, @oddvarmoe, @jarsnah12, and @GuhnooPlusLinux are live on #Reddit right now for an AMA! Ask your questions, get pro-level answers. Join the conversation now! https://t.co/bsRwMbR7H7
1
2
40
🚀 Introducing MoxPack: A template builder for Proxmox using Packer. Generate Windows & Linux VM templates with cloud-init support and sysprep. Ideal for lab automation and infra-as-code. https://t.co/ewTGY6NqIU
github.com
A Qemu Proxmox Template builder project using Packer - Orange-Cyberdefense/moxpack
0
33
130
Thrilled to share that the Star Wars NetExec lab I made for @_leHACK_ was fully automated by @LadhaAleem on Ludus/VWmare/VirtualBox🔥 Awesome lab with 2AD (rebels&empire), certificats, MSSQL trust, pre2k, and ofc gMSA 👾 Can you find the spy ? GitHub ➡️
github.com
Lab used for workshop and CTF. Contribute to Pennyw0rth/NetExec-Lab development by creating an account on GitHub.
3
81
298
When will I learn how to edit / compile my own Terraform / Ansible files 🥲 I love https://t.co/XjIUa3jAQA, it's so freaking dope. My limited small brain knowledge is what limits its potential.
0
1
3
Ludus is so useful and makes it easy to just deploy infra for whatever random shower thought I have. But it's gotten to the point that I need asset management for my lab environments.
3
3
47
I'm open to someone explaining the logic behind the AI Gated Loader to me. I only see downsides. https://t.co/vEiLXoYobM
blog.badsectorlabs.com
WriteAccountRestrictions fun (@unsigned_sh0rt), RCE in Dell UnityVSA (@SinSinology), Unity Runtime exploit (@ryotkak), Lenovo DCC LPE (@0x4d5aC), remote control over generators (@XeEaton), and more!
0
1
4
I set up a new flare VM today (fully automated via Ludus of course) and noticed the new wallpaper indicator for internet status. I wonder if Ludus' red/green wallpaper indicators for network connectivity inspired it @anamma_06? Either way, awesome!
0
5
83
Wow. 51 individual tools and a cross platform library to do all things SMB2, MSRPC, and "Security." Now that's a drop! 👏
Check out Titanis, my new C#-based protocol library! It features implementations of SMB and various Windows RPC protocols along with Kerberos and NTLM. https://t.co/GC5wA2y3EO
0
1
28
Constructing Defense lab - automated and on your own hardware. That's the power of https://t.co/1HabXkpoGf and the community! It sets up: - Windows events - ADCS Events - Sysmon - Linux telemtry with auditd - K8s audit logging - Full packet capture Awesome work @Antonlovesdnb
ludus.cloud
The easiest way to deploy cybersecurity infrastructure
HUGE quality of life update is now live for folks who have purchased Constructing Defense! The Ludus lab build is now fully automated and deploys all the components in the lab with just one command! In addition to this update, I have a little surprise as well... You can now
0
6
35
Most impactful vulnerability since EternalBlue and you can make the argument that it's actually more impactful as you don't need network access to machines to use it, just hit the cloud API. We are lucky Dirk-jan fights for the users. 🫡
I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog:
2
4
78
Big post this week with lots of great write ups and tools. Wild that China's great firewall source code was leaked! 🔥🧱🇨🇳 https://t.co/bkAv3uczzV
blog.badsectorlabs.com
FreeBPX RCE (@chudyPB), badpie (@dtmsecurity), macOS auditd malloc woes (@jfmeee), Spotlight TCC leak (@patrickwardle), WSUS relaying (@Coontzy1), pyLDAPGui (@ZephrFish), and more!
0
3
9
Sure, a bunch of NPM packages got backdoor'd (again), but don't miss the great research and tools released last week!
blog.badsectorlabs.com
Metamorphic compilation (@tijme), Windows Secure Calls (@33y0re), macOS race condition exploit (@patch1t), NTLM relaying (@elad_shamir), iOS zero-click RE (@quarkslab), and more!
0
1
7
Compile C code to PIC (shellcode, BOF, or exe) without a reflective loader where every compile produces unique, functional shellcode?
Exciting times. I'm publishing Dittobytes today after presenting it at @OrangeCon_nl ! Dittobytes is a true metamorphic cross-compiler aimed at evasion. Use Dittobytes to compile your malware. Each compilation produces unique, functional shellcode. https://t.co/761G96JDF1
0
1
17
Never gets old when you're reading a great new technical blog post, and you see https://t.co/SFqewEhKSU wallpaper in the screenshots. It seems Ludus has quite the foothold at SpecterOps☺️ https://t.co/QcePoj5wuK
specterops.io
Explore how cookie theft has evolved in Chromium browsers with the shift from DPAPI to App-Bound encryption. This post breaks down modern cookie stealing techniques via COM, remote debugging, and...
2
3
30