underrated little beast

Reverse Engineering: Making USB device drivers for Linux with Python! YouTube video by ReversingForFun

Okay, I finally learned enough Kdenlive to mash together a more formal video on the general process I took to reverse engineer this device and write my own shitty drivers with python, hope you enjoyyyy :)

#reverseengineering #python #linux

youtu.be/6yd1vC0Turs

The Phrack leak: Examining an APT’s workstation In August 2025, two anonymous researchers released 9 GB of data from a workstation of a likely advanced persistent threat (APT) group. Here’s an analysis of the data by Intel 471’s Cyber Geopolitical ...

Thanks for the excellent writeup @intel471.bsky.social

www.intel471.com/blog/the-phr...

Today I have a more serious topic than usual, please consider reposting for reach:

My wife and I are urgently looking for a specialist in neuropediatrics or a similar field for our autistic child with a diagnosed, but not further specified, movement disorder [1/4]

RomHack - Job opportunities Check for RomHack sponsor's job opportunities

👋🏿 Hackers!

Are you a Red Teaming Wizard 🧙🏿 looking for a new challenge? @shielder.com is hiring a Red Teaming Lead to join our crew!

More info ⬇️ (share appreciated) #hiring #redteaming
romhack.io/job-opportun...

do not upload your photo to any ID verification service to BROWSE THE INTERNET i am being so serious id much rather buy a vpn. learn how to pirate. this data is so obviously going to be used in nefarious ways

Working with folks from @lucasfilm.bsky.social, @ilmvfx.bsky.social, and Apple to secure some of the OSS foundations the movie and entertainment industries rely on was so cool!

Big shout-out 📣 to the @ostifofficial.bsky.social and ASWF for making this possible.

Screenshot of the fake “KeePassXC Pro - Ultimate Security Solution” README.

Screenshot of the fake Pro features.

🚨 *Attention!* We were made aware of a fake “KeePassXC Password Manager Pro” repository on GitHub that links to unverified external binary downloads.

- There is NO Pro version of KeePassXC!
- You get all the “Pro” features with the regular version.

1/2

biggest issue of open source project, maintainers just focusing on other shit and let a project die.

i couldn't agree more on that.
there's aleays that .config or .xml file with a service account in it

Hey artists! Would you like to have your art featured in the print edition of Phrack 72? You can email us at arts@phrack.org

got it as well, i tought it was phishing 😂

Save the date - BlackHoodie will be offering a free reverse engineering training for women by women in Stockholm at @sec-t.bsky.social conference on September 10th! Thanks to the wonderful people of SEC-T ♥️

this.

New capabilities coming to Microsoft Sentinel this Spring | Microsoft Community Hub New capabilities coming to Microsoft Sentinel this Spring We are excited to share the latest advances coming to Microsoft Sentinel over the next few months...

New capabilities coming to Microsoft Sentinel this Spring
techcommunity.microsoft.com/blog/microso...

#MicrosoftSentinel #Cybersecurity #MicrosoftSecurity #Security #DefenderXDR

GOAD - part 14 - ADCS 5/7/9/10/11/13/14/15 In the previous blog post on ADCS (Goad Pwning Part 6), ESC1, ESC2, ESC3, ESC4, ESC6, and ESC8 were exploited.

mayfly277.github.io/posts/ADCS-p...

Berlusconi made Milan the best team in the world but ruined Italy as country.

@mullvad.bsky.social ❤️

hackerone-reports/tops_by_bug_type at master · reddelexc/hackerone-reports Top disclosed reports from HackerOne. Contribute to reddelexc/hackerone-reports development by creating an account on GitHub.

repo of detailed bounty reports

Any other words you recommend to mute?

Backdoor my ass! At most... usual Chinese poor design choices... 🥲

noooo, but the whole country of China is still evil right? right?

🇸🇪❤️

Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware Key Takeaways This intrusion began with the download and execution of a Cobalt Strike beacon that impersonated a Windows Media Configuration Utility. The threat actor used Rclone to exfiltrate data…

🌟New report out today!🌟

Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware

Analysis & reporting completed by @r3nzsec, @MyDFIR & @MittenSec.

Audio: Available on Spotify, Apple, YouTube and more!

thedfirreport.com/2025/01/27/c...

I wrote a PoC for the recent Ivanti Connect Secure stack buffer overflow, CVE-2025-0282, based on the exploitation strategy watchTowr published, along with an assessment of exploitability given the lack of a suitable info leak to break ASLR: attackerkb.com/assessments/...

come to the northern side, sec-t in Stockholm, september

GitHub - logangoins/Krueger: Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC - logangoins/Krueger

IBM X-Force's Logan Goins has released Krueger, a .NET tool for remotely killing EDR using the Windows Defender Application Control (WDAC) utility

github.com/logangoins/K...

Santa's early w/ a new #BloodHoundBasics post!🎅

Looking for new Attack Paths to the domain? 🔎
BH v6.3 introduces CoerceToTGT.
The edge connects principals w/ unconstrained delegation to the domain, as attackers can use those to coerce privileged computers & retrieve their TGT.

New module on #NetExec : wam
Dump #Entra access tokens from Windows Token Broker Cache, and make your way to Entra 🚀

Thanks @xpnsec.com for the technique! More info on his blog : blog.xpnsec.com/wam-bam/

GitHub - t-tani/defender2yara: Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules - t-tani/defender2yara

Python tool that converts Microsoft Defender Antivirus Signatures (VDM) into YARA rules.

https://github.com/t-tani/defender2yara