Rey Bango πΊπ¦π»
@reybango
Followers
23K
Following
14K
Media
6K
Statuses
65K
Advocate for AI & Security | I hack into things sometimes. Opinions are mine. Fortis fortuna adiuvat. It's a good time to cause a little chaos.
Joined March 2007
π WARNING: CVE-2025-20393 is rated 10.0, with no patch available. Cisco confirmed active exploitation of an AsyncOS zero-day by a China-linked APT. The flaw allows root-level command execution on affected email security appliances and enables attackers to establish
24
297
1K
Empire v6.3.0 is out! β’ mTLS agents & listeners β’ ChaCha20-Poly1305 encryption + DH key exchange β’ HTTPS host reuse across HTTP & malleable listeners β’ Customizable C# obfuscation via EmpireCompiler β’ Major dependency upgrades & stability fixes https://t.co/N2LohfASJ8
github.com
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers. - BC-SECURITY/Empire
2
26
89
i've been hacked and traced the malware's wallet to see how much money they actually made from this new exploit (if you use Next.js/React, READ THIS!) I woke up to a terrifying email from Hetzner: "Netscan Detected." my server was blocked and a botnet was using my IP to
274
883
5K
What do I do on the weekend? I install Game of Active Directory Ninja Hacker Academy on AWS of course! π I'm running through the install so I can learn more about the range deployment onto cloud services. Always be learning something new. Grateful to @orangecyberdef & @M4yFly
0
0
2
Black Friday and Cyber Monday deals are out! I review some of them and link to a community GitHub page for you all to get discounts on courses, tools and services! Deals from @_RastaMouse, @_JohnHammond, @offsectraining, @evilginx, @Antisy_Training and a whole lot more.
1
4
11
NoCat isnβt the only small decoy-style tool Iβve ended up writing. Thereβs also APTSimulator and a minimal ransomware simulator, both meant just to create artefacts for tests. Might be worth collecting these in one place at some point. Still unsure what to call that category.
github.com
A toolset to make a system look as if it was the victim of an APT attack - NextronSystems/APTSimulator
I seem to have developed a new hobby: building decoy hack tools. Binaries that look suspicious, act like the real thing, and then⦠do absolutely nothing. Just released NoCat, a Netcat impersonator for detection tests and pipelines. https://t.co/E5AKsh7uaR
4
19
160
π₯· Beyond OSINT Basics on Black Friday! π₯· 25% Off @mish3alkhan's Level Up OSINT Course. Lowest price EVER $112.50! Free & NameYourPrice options, too! https://t.co/YHYHLTCvNu Hurry... 25% Off Code Expires Midnight ET Nov 30. Mishaal's OSINT and OpSec Catalog on JHT (Author Page
0
4
12
π¨ North Korean hackers uploaded 197 malicious npm packages (31K+ downloads). They drop a new OtterCookie variant that steals passwords, crypto data, and screenshots β all from a fake job interview setup. Details here β
thehackernews.com
North Korean actors deployed 197 new npm packages delivering evolved OtterCookie and GolangGhost malware through fake interview schemes.
1
60
152
@reybango @_RastaMouse @_JohnHammond @offsectraining @evilginx @Antisy_Training Thanks for the shootout! Just in case... 25% Off ALL Courses with code BLACKFRIDAY25 at https://t.co/wi55NNLaqK. Excludes already discounted Bundles. Expires Midnight ET Nov 30.
justhacking.com
Just Hacking provides "Focused Technical Training for All Levels" with 4 types of affordable, hands-on options by John Hammond & All-Stars.
0
1
3
Black Friday and Cyber Monday deals are out! I review some of them and link to a community GitHub page for you all to get discounts on courses, tools and services! Deals from @_RastaMouse, @_JohnHammond, @offsectraining, @evilginx, @Antisy_Training and a whole lot more.
1
4
11
25% Off ALL Hacking Courses π¦ John Hammond & 30+ All-Stars advance your technical cybersecurity career in affordable, hands-on cyber ranges. Lots of Free & NameYourPrice options, too! Code = BLACKFRIDAY25
0
8
16
I've stopped nearly 100% of cyber attacks using this 1 simple trick. I open all ports on the computer. I never update the OS. I removed all passwords. When hackers find the computer they say, "This has to be fake. No one is this vulnerable." Then they turn around and LEAVE.
102
174
5K
Pentest reporting isn't fun so I synced up with Victoria Mosby of @PlexTrac to challenge her to take my first ever pentest report (ugh!) and use PlexTrac to show me how I could've streamlined its creation. She did not disappoint. https://t.co/xd2jPwG7Kd
0
2
2
Pentest reporting isn't fun so I synced up with Victoria Mosby of @PlexTrac to challenge her to take my first ever pentest report (ugh!) and use PlexTrac to show me how I could've streamlined its creation. She did not disappoint. https://t.co/xd2jPwG7Kd
0
2
2
If you haven't tried @exegogol for pentesting, now's a good time to quickly spin it up and try a different a different environment for hosting your tools.
Pentest/hacking distros are a personal choice and offer wealth of premade tools to help get you going. But do you need a whole OS to house your tools? In my latest video, I revisited @exegogol, a Docker-based environment that aims to provide you with the tools you need while
0
0
0
Pentest/hacking distros are a personal choice and offer wealth of premade tools to help get you going. But do you need a whole OS to house your tools? In my latest video, I revisited @exegogol, a Docker-based environment that aims to provide you with the tools you need while
0
0
1