Glad to be mentioned in such a great company! 😆 @chudypb.bsky.social 🔥

Evilginx Pro is finally here! After over two years of development, Evilginx Pro reverse proxy phishing framework for red teams is finally live!

🚨 Evilginx Pro is finally here! 🚨🎣🐟

This is it! After over two years of development, countless delays, and hundreds of manual company verifications, Evilginx Pro is finally live!

Thank you all for your invaluable support 💗

breakdev.org/evilginx-pro...

Since last year, I thought Ivanti Endpoint Manager was the most insecure tool you could use.

This year, I know it’s been Elon all along.

Big news: our trainings are live!

This year, we’re offering 13 courses led by top-notch experts. Whether you're red, blue, or somewhere in between,
come sharpen your skills, break stuff, and learn from the best!

📅 1–4 Sept
📍 Meervaart, Amsterdam
🎟 Tickets available now!
👉 weeztix.shop/qt2kzq6g

Terms of What? tl;dr

Excellent research by Sagi Olshansky shows how even a simple "Terms of Service" conditional access option in Entra ID can become a thorn in the side of phishing threat actors.

Evilginx phishlet development action included 🎣
medium.com/@Sniffler/te...

GitHub - luctalpe/WMIMon: Tool to monitor WMI activity on Windows Tool to monitor WMI activity on Windows. Contribute to luctalpe/WMIMon development by creating an account on GitHub.

I've been dealing with mysterious high CPU utilization from WmiPrvSE.exe for MONTHS. I finally did some digging using github.com/luctalpe/WMI... (run wmimon from an elevated cmd prompt). Guess what the culprit was?

It's video games for red teamers 😀

The BREAKDEV RED software shop engine is finally finished 🎉

Out of respect to all Evilginx fans, the purchase experience will be as friendly and fair as possible:

- Floating licenses ONLY
- No minimum cap for license purchases

Evilginx Pro release date: February 2025

Merry Christmas everyone! 🎄

New #PEsieve & #HollowsHunter
(v0.4.0) are released: github.com/hasherezade/... & github.com/hasherezade/... - A lot has changed in the new version, check it out!

I wrote a fun, little blog post. Remote pre-auth file deletion in SolarWinds ARM allowed to achieve LPE on AD machines 🙃

Who's leading the thoughts of the thought leader?! Cas is a true power broker, influencing the influencers from the shadows 😀

Thank you! I've finally managed to get it working. The API documentation is a bit rough, and the API itself holds a lot of technical debt, but now it finally works as I wanted.

🚨 BLACK FRIDAY 50% OFF 24-HOUR SALE 🚨

Today I'm running the biggest sale, since the course release in 2023!

Get Evilginx Mastery course with lifetime access for 199 EUR ONLY today! 🤩

Upgrade your phishing skills before Evilginx Pro drops!

🔗Link: academy.breakdev.org/evilginx-mas...

🚨 BLACK FRIDAY 50% OFF 24-HOUR SALE 🚨

Today I'm running the biggest sale, since the course release in 2023!

Get Evilginx Mastery course with lifetime access for 199 EUR ONLY today! 🤩

Upgrade your phishing skills before Evilginx Pro drops!

🔗Link: academy.breakdev.org/evilginx-mas...

🚨 The Black Friday sale is coming!

The sale drops at midnight today! (UTC+1)

It will be the biggest sale yet! 🤩

I want to do a little promotion here as well:

For the dutch people following me: last year me and 2 other folks from HITB dutch crew started orangecon.nl.

Its a nonprofit which focusses on knowledge sharing with affordable trainings followed by a very affordable conference. Do check it out please!

I'm currently doing super exciting research (that's a joke 😭) trying to decide which invoicing platform with API access to use.

Can anyone confirm if Zoho Books is a good platform or if there is any alternative worth considering?

I'm having the time of my life 😆

Congrats man! Heads and brains always need special treatment if they're used daily to make a living 😀

Agreed. Sounds like I'm breaking the habit tonight 😂

I keep catching myself referring to "Linkin Park" as "LinkedIn Park".

Is it a sign of growing old? 👴

Into the Wild (2007) Trailer #1 | Movieclips Classic Trailers YouTube video by Rotten Tomatoes Classic Trailers

I kind of got discouraged after watching this movie 😆
www.youtube.com/watch?v=XZG1...

Time will tell. It is perfectly ok to keep both running at the same time and use both for the time being.

Noted. I thought I was the only one struggling with trying to manage too many different things simultaneously. What I try to do is handle the organizational things at the beginning of the week and then dedicate the following days to deep focus development with no distractions, same as you.

Paged Out! #5 is out – enjoy! pagedout.institute
And if you like the cover, we have wallpapers!

I feel you! Do you have any options to automate payment processing & invoicing at least?

Evilginx Pro Update:

Tool is ready and awaits release.

I'm now creating an online shop engine, because why not 😜

I hope one day it becomes Steam for cybersecurity tools with Evilginx Pro its first release, like Half-Life 2 on Steam exactly 20 years ago.

Red team tools unite!

Welcome to the greener pastures! 😀

Good to see you on the interwebz again! 💗

Defenders use cross-origin requests through CSS url() or injected JS to leak your phishing URL in the HTTP Referer header.

Today, I've been reminded about the excellent post by Keanu Nys, which contains a lot of great evasion ideas!

insights.spotit.be/2024/06/03/c...

Beyond good ol’ Run key, Part 144

www.hexacorn.com/blog/2024/11...