🔍 NTSleuth is now live! A new comprehensive Windows Syscall Extraction & Analysis Framework. Still early stages with many ideas brewing, but hope it helps some of you! ✨ Features: • Extracts thousands of syscalls from ntdll.dll & win32u.dll as well as and WOW64 variants •

The Gentlemen Hackers interviewing Halvar Flake: https://t.co/FCkkM66LE4

[6/x] But now I'd appreciate many more datasets from the community to add to it. Any feedback welcome and please submit your extracted JSONs at https://t.co/kfpQFXvmWB 💪🏻

[5/x] Probably my favourite: Compare syscalls across different Windows versions and architectures. What exactly has changed.

[4/x] Display syscall number, parameters, SAL annotation, convention and more.

[3/x] Browse, search, sort, filter by name, module if it has an alias or inputs.

[2/x] Once you select a dataset you get an overview about the particular extraction generated by NTSleuth.

[1/x] I would love to make NTSleuth a community driven project so the whole research community can profit off it. For that I created https://t.co/h0VXonbtP1 which can serve as a syscall database across Windows architectures, builds, versions. Not many datasets yet but will

Live:

Initital Syscall / Parameter Extraction

Syscall Lookup Mode

https://t.co/ZwfqBTcRsh

🔍 Working on something interesting: NTSleuth - a Windows syscall extraction tool with a twist... Would anyone be interested in a tool that: 🎯 Extracts ALL syscalls from Windows (ARM64/x64) 🤖 Auto-resolves function parameters 📊 Found 2,461 syscalls on Win11/ARM64 📝 Outputs

Smelly needs someone reliable. Free cat emojis and memes! 😼

Say hello to ChromElevator (formerly Chrome App-Bound Decryption). Just dropped v0.15.0: 🚀 One command to rule them all - can hit every installed Chromium browsers at once. 🤫 More stealthy discovery as it finds browser paths by querying the registry with direct syscalls. No

Brief info and POC for this week's Apple 0click iOS 18.6.1 RCE bug CVE-2025-43300 https://t.co/EL3qg56N8X

Right now, the media is hyping up a story that a SECRET HACKER FIRMWARE FOR FLIPPER ZERO HAS APPEARED ON THE DARKNET THAT CAN HACK ANY CAR!!!11 WE’RE ALL IN DANGER. Let’s break it down and see if that’s actually true (spoiler: it’s not): https://t.co/JZPz5KZKcP

🛡️ ARM64 Call Stack Spoofing Framework for Windows! Just dropped something new for EDR evasion on ARM64, designed to cloak execution by manipulating the call stack. 🔎 Hunts for legitimate return addresses ("gadgets") in ntdll.dll 🎲 Randomizes gadgets to resist signature-based

Stop blaming AI/LLMs for insecure code. That’s (mostly) on us. I keep seeing more and more articles saying that "vibe-coded" apps are insecure (by default). That’s too easy. And a cheap shot. Proper prompting helps and the real win comes with 𝐩𝐫𝐨𝐦𝐩𝐭𝐢𝐧𝐠 +