Stop looking for id=1. Start looking for the logic flaws scanners miss. 🛑 Basic IDORs are dying. Modern apps use GUIDs (550e8400-e29b...) to hide data. But obscurity isn't security. Here is the blueprint for finding Advanced Broken Access Control in 2025. 🧵👇 #bugbountytips

Credential Guard was supposed to end credential dumping. It didn't. @bytewreck just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled. Read for more ⤵️

Just put the malware in the bag bro

https://t.co/OYhexry061

Check out Titanis, my new C#-based protocol library! It features implementations of SMB and various Windows RPC protocols along with Kerberos and NTLM. https://t.co/GC5wA2y3EO

DLL Sideloading for Initial Access – Red Team Operator's Guide 🔥 (new article) https://t.co/rXWXasjEQs - finding software to backdoor - finding DLL and function to backdoor - legit software backdooring - OPSEC considerations #redteam #infosec #malware #security

🐀💥 Just dropped a monster stash of wordlists for bounty hunters. We’re talking: ⚔️ Subdomains to slice attack surface 🔑 Creds & API keys for low-hanging wins 💉 Payloads (XSS/SQLi/SSRF/LFI/RCE) to pop boxes 📂 Directories & APIs no admin wants you to see Basically… your

TrapFlagForSyscalling - Evading userland hooks through indirect tampered syscalls with the Trap Flag. https://t.co/raJjbzKyos

gdbw v0.1.0 releasing tomorrow! 🐸 Still a lot to add but hoping to get it into user's hands sooner so that we can figure out pain points etc.

when looking for cache deception bugs remember to brute force delimiters in all endpoints returning sensitive data, In a recent target I found three endpoints Vulnerable to cache deception with Different delimiters, also try: /endpoint$delimeter$.js /endpoints/$delimeter$.js

Linux post-exploitation agent that uses io_uring to stealthily bypass EDR detection by avoiding traditional syscalls

This new @SpecterOps paper fills me with so much joy

Most red team books tell you WHAT to do. This one shows you HOW to actually do it. Red Team Engineering by @CaseyLErdmann breaks the "theory only" curse – custom tools, real infrastructure, the techniques that usually stay behind closed doors. From someone who's actually been

Introducing: Hells Hollow - Thought rootkit SSDT hooking was dead? Following my previous work, I have managed to essentially reintroduce SSDT hooks, capable of modifying the *original* KTRAP_FRAME and more! Whitepaper: https://t.co/eFDLsey9Av #infosec #cybersecurity

https://t.co/VP4NISIXv3

No fucking way lol

Things are happening soon… 👀

Process injection in Linux (beginners introduction) https://t.co/F5PYrXaJo3 #infosec #linux

we are literally at "jailbreak yourself" rofl

I hacked NASA for fun and !profit :) #BugBounty @NASA @Bugcrowd