The 2016 Mirai botnet attack was a wake-up call:
IoT security is nonexistent at scale.
Default creds & unpatched firmware turned cameras into DDoS cannons.
Lessons?
Harden IoT or expect more botnet chaos.
#CyberSecurity #History #DDoS #IoT #Infosec #Mirai
Posts by Ahmed
Book Recommendation:
Mastering post-exploitation?
'The Hacker Playbook 3' 👌
by Peter Kim is a must-read, as it covers:
a. Actual Attack Chains,
b. Evasion Techniques,
c. Red Team Strategies.
Practical over theory.
Link: digtvbg.com/files/books-...
#RedTeam #OffSec #infosec
Inline hooking too noisy?
Use hardware breakpoints via 'SetThreadContext' to hijack execution flow without modifying code.
Silent, reversible & hard to detect.
#RedTeam #Malware #infosec #cybersecurity #bugbounty
Turn your Raspberry Pi into a pocket-sized pentesting powerhouse with Kali.
⚡Stealthy, portable & packed with offensive tools, as real security pros test anytime, anywhere.
🔍 Topic: medium.com/@mawgoud/bui...
#KaliLinux #CyberSecurity #Infosec
Goodbye Skype
Once the king of VoIP, now just a ghost in the digital graveyard. ☠️
From P2P-powered resilience to Microsoft's EDR-infested bloat, it never stood a chance.
Source: mybroadband.co.za/news/interne...
#Skype #Tech #VoIP #EDR #Teams #Zoom
Three VMware zero-days exploited in the wild.
CVE-2025-22224,
CVE-2025-22225,
CVE-2025-22226.
Attackers with admin access can chain these to escape VM sandboxes & control the hypervisor.
#VMware #ZeroDay #CyberSecurity #Infosec #Cybersecurity
Source: www.infosecurity-magazine.com/news/vmware-...
EDRs love API hooking?
PatchGuard doesn’t.
Instead of unhooking,
do this ... redirect execution using Heaven’s Gate (switching to 64-bit from 32-bit in WoW64) / indirect syscalls.
Stay ahead, stay silent. 🕵️♂️
#RedTeam #Malware #infosec #cybersecurity #bugbounty #EDR #WoW64
Process injection via Atom Tables is an underrated stealth tactic.
Store shellcode in an atom, retrieve it in a remote process, and execute via callback.
Avoids common memory scanning detections.
#RedTeam #EDREvasion #Infosec #CyberSecurity
🔧Transform your Raspberry Pi into a portable pentesting powerhouse with a 3.5-inch touchscreen & Kali Linux!
Ideal for on-the-go cybersecurity assessments.
🔍Details: mobile-hacker.com/2025/02/26/b...
#Pentesting #Infosec #KaliLinux #RaspberryPi #cybersecurity
🔍Leaked code reveals a token refresh script used in adversary-in-the-middle (AITM) attacks.
If you're not monitoring OAuth token activity, you're flying blind.
Stay vigilant.
#CyberSecurity #AITM #OAuth #infosec #MiTM
github.com/zolderio/AIT...
Early Grok-3 ('chocolate') leads the 'Chatbot Arena ELO rankings', edging out top-tier models.
Are novel training paradigms (e.g., retrieval-augmented generation, improved instruction tuning) playing a larger role?
Feb, 2025
#AI #MachineLearning #LLMs #NLP #DeepLearning #Grok
🔍If you’re analyzing malware, forget static AV scanners.
Use FlareVM, CAPA & x64dbg for real insights.
Pair with sysmon + Sigma rules for tracking execution flow as a pro.
Automation > Guesswork.
#Malware #infosec #Bug #CVE
🔒Bonus: Zerologon (CVE-2020-1472):
This vulnerability lets attackers control Domain Controllers by resetting the krbtgt password.
Patch your systems to avoid this!
#infosec #Bug #Zerologon
10/10 Active Directory Misconfigurations:
Weak policies, overprivileged accounts, no MFA - all these can be exploited. Regular audits & patches are your best defense!
#AD #MFA #infosec #bug #cybersecurity
9/10 LSASS Dumping:
Using tools like Mimikatz, attackers can dump LSASS memory to steal passwords & tickets.
It's all about memory access.
#LSASS #CredentialDumping #Mimikatz
8/10 MITM via LLMNR, NBT-NS, WPAD Poisoning:
By poisoning name resolution protocols, attackers can capture credentials sent over the network.
Stealthy but detectable.
#MITM #ComputerNetworks #infosec #cyberattack #privacy
7/10 NTLM Relay Attack:
Here, attackers intercept NTLM authentication requests, relaying them to gain access elsewhere.
It's all about misdirecting credentials.
#NTLMRelay #NetworkSecurity #ActiveDirectory #infosec
6/10 Golden Ticket Attack:
With the krbtgt hash, attackers create fake tickets to impersonate any user.
This grants them unlimited access to domain resources!
#GoldenTicket #Kerberos #Hash #CyberSecurity
5/10 DCSync Attack:
By impersonating a Domain Controller, attackers can extract credentials from any DC.
This can lead to Golden Ticket attacks.
#DCSync #Persistence #DomainController
4/10 AS-REP Roasting:
Focuses on accounts without required pre-authentication, allowing attackers to crack passwords from AS-REP tickets.
#ASREP #SecurityTips #Authentication #Passwords
3/10 Kerberoasting:
Targets service accounts by cracking Kerberos tickets.
If service accounts have weak passwords, it's a goldmine for attackers.
#Kerberos #ADSecurity #Kerberoasting #password
2/10 Pass-the-Hash (PtH) Attack:
Hackers grab #NTLM hashes without cracking passwords, then use them to move around the network.
Tools like #Mimikatz are popular for this.
#PtH #CyberAttack #infosec #exploitation
Morning / Evening all ☕️
Let's talk about Active Directory (AD) security.
Attackers 'love' targeting AD for domain admin privileges.
Here's a thread on the top techniques they use!
Image Credit: (cyber.gov.au, 2024)
A Thread 1/10🧵
#CyberSecurity #infosec #CVE
You will enjoy reading this ☕
🔬What IF: Scientists Choose Rust Over Python for AI Development.
📖 Read the full story:
🔗mawgoud.medium.com/earth-72-scientists-adap...
#AI #Rust #Python #Tech #Multiverse #ML
🚨 DeepSeek's iOS app is sending sensitive user data to a ByteDance (TikTok)-affiliated cloud platform without encryption.
👉 Full Report: thehackernews.com/2025/02/deep...
#Cybersecurity #Privacy #Bug #Encryption #Tech #News #Security #TikTok #DeepSeek #OpenAI
Ups and downs of #redteam engagements. When the standard payloads don’t cut it, innovation wins. Learn how we misused a screenshot tool to load shellcode… at the fifth attempt!…
blog.compass-security.com/2024/12/a-ni...
Red Teamers: do NOT neglect SNMP like sysadmins usually do! SO many networks have granted me very quick wins through SNMP enumeration, which can be done with Metasploit, snmpwalk, and onesixtyone:
Enum Windows accounts (spray?):
snmpwalk -c public -v1 $TARGET 1.3.6.1.4.1.77.1.2.25
#hacking #redteam
Dumping LSASS?
Ditch 'MiniDumpWriteDump'—too noisy.
Use NtReadVirtualMemory via direct syscalls
or
use (COM+ LRPC abuse) for stealthier creds extraction.
EDRs hate this one trick. 😉
#RedTeam #Malware #EDR #IncidentHandling #infosec #DFIR
Bypass 'FindWindow' anti-debug checks by hooking 'NtUserFindWindowEx' & returning a fake handle.
🕵️♂️ Malware loves to check for debuggers this way ... feed it garbage & watch it fail.
#ReverseEngineering #Malware #infosec #bug #exploitation #pentesting