LogiKnight
@logiKnight
Break stuff. Make it better. Repeat. Let's have fun while doing it ! Script Kiddie for life.
Joined April 2017
Stop wasting your time on Netflix, @OrangeCon_nl 🍊 has released this year’s talks. I’d recommend watching @pop_rbx research on remote and silent installation of extensions in Chromium browsers 🔥 LSASS is dead, long live the browsers ! https://t.co/kSaAN1So60
ProxyBlob is alive ! We’ve open-sourced our stealthy reverse SOCKS proxy over Azure Blob Storage that can help you operate in restricted environments 🔒 🌐 https://t.co/KO4AYUDTmb Blog post for more details right below ⬇️
github.com
SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication. - quarkslab/proxyblob
Look at those cute little blobs in your internal network. They look harmless, but how about the one carrying SOCKS? It's ProxyBlob, a reverse proxy over Azure. Check out @_atsika's article on how it came to exist after an assumed breach mission ⤵️ 👉 https://t.co/ApZloWD3hl
This series of posts is aimed at people who are new to the red teaming and malware development fields. The goal is to explain some techniques and their sub-techniques based on the MITRE ATT&CK Framework. Let's start with the infamous Process Injection:
🦇 Introducing "Batblog", a free easy level Linux machine designed to be vulnerable. Your mission is to exfiltrate the 2 flags (user.txt & root.txt). Start this machine here : https://t.co/oM9Jd2aRCU
After two years of hard work with @virtualabs , we are proud to release for DEFCON32 the first public version of WHAD, a whole new ecosystem of opensource libs, tools & firmwares for wireless security ! The main repo is here: https://t.co/s62l8o8h1m . And now, demo time ! [1/n]
github.com
Wireless Hacking Devices Protocol client. Contribute to whad-team/whad-client development by creating an account on GitHub.
Henlo! 🧙 Have you ever wondered whether a great but somewhat obscure tool has already been presented? Whether an article has already been dissected? Whether an exploitation technique has already been introduced? Or even whether our beloved researchers and hunters have already been invited to share their
We asked our community to select a new name for our cyber training platform and here it comes with a refreshed look 🏴☠️ Check this out : https://t.co/oM9Jd2bpss Stay 1337 and tuned for upcoming challenges, vulnerable machines and CTF events !
Hello world 👋 In 2022, @0xNarek and I studied an APT named Serpent Group that has been discovered by @proofpoint and @VMware TAU. This threat actor targeted numerous French government entities during the 2022 presidential campaign. We reproduced their TTPs and came up
Is remote code execution in UEFI firmware possible? Yes it is. Meet #PixieFAIL: 9 vulnerabilities in the IPv6 stack of EDK II, the open source UEFI implementation used by billions of computers. Full details by @fdfalcon and @4Dgifts in our new blog post: https://t.co/g4Bg2GK4Y8
Hi, shalom, salam comrades. Here is part 3 of the "Anatomy of EDRs" series. This time, we'll look at the Windows processes, services, PPL and registry keys used by an EDR. https://t.co/zmcjUtBTUL
#redteam #windows #edr #maldev
I've just started a blog on #maldev and #redteaming. Nothing fancy yet, just me trying to see if I've understood correctly. The first post is about a custom version of GetModuleHandle and GetProcAddress in #go. Check it out:
blog.atsika.ninja
Resolve module handle and function address without using GetModuleHandle and GetProcAddress
Hello, here is part 2 of the "Anatomy of EDRs" article series. This time, we'll look at how an EDR's drivers work in more detail (kernel, callbacks, minifilters, etc). https://t.co/Y4jF1DvLKh
#redteam #maldev #edr #blueteam
Hi hi, here is a first article I wrote to describe, in very simplified terms, what an EDR actually is. I took #SentinelOne as an example because it is considered to be one of the leaders. https://t.co/z4HZe3cJ5F
#redteam #maldev
I was playing with some AMSI bypass techniques and came across this talk https://t.co/gFteiVdh6H by @maorkor. I decided to implement AMSI context structure patching in the current or a remote process in #Go
New CrackMapExec module to dump Microsoft Teams cookies thanks to @KuiilSec contribution✌️ You can use them to retrieve information like users, messages, groups etc or send messages directly in Teams 🔥 Initial discovery by @NoUselessTech 🪂
https://t.co/F0jGfiGOv6 XSS via reverse DNS. Haven't tried yet. #BugBounty #bugbountytips #bugbountytip @XssPayloads @theXSSrat
Successfully reproduced the Gitlab Project Import RCE (CVE-2022-2185). Got a headache while reading Ruby for the last 2 weeks, but it's definitely worth digging in. Have a good read! https://t.co/MDWcIMfxTh
starlabs.sg
At the beginning of this month, GitLab released a security patch for versions 14->15. Interestingly in the advisory, there was a mention of a post-auth RCE bug with CVSS 9.9. The bug exists in...