Captured by the Artemis II crew during their lunar flyby on April 6, 2026, this image shows the Moon fully eclipsing the Sun. From the crew’s perspective, the Moon appears large enough to completely block the Sun, creating nearly 54 minutes of totality and extending the view far beyond what is possible from Earth. The corona forms a glowing halo around the dark lunar disk, revealing details of the Sun’s outer atmosphere typically hidden by its brightness. Also visible are stars, typically too faint to see when imaging the Moon, but with the Moon in darkness stars are readily imaged. This unique vantage point provides both a striking visual and a valuable opportunity for astronauts to document and describe the corona during humanity’s return to deep space. The faint glow of the nearside of the Moon is visible in this image, having been illuminated by light reflected off the Earth. [alt text from NASA]

The #Artemis II astronauts said they needed more superlatives to describe their view of the eclipse, when the Sun was behind the Moon and its near surface was faintly illuminated by Earthshine

github repo language overview

Just pushed some slides and labs polish for next weeks @1ns0mn1h4ck.bsky.social before my flight. The whole repo (which includes the training platform, labs, and slides) is quite... diverse :D

macOS already ships age verification

Had a case this week of a fairly secure deployment of BeyondTrust, but vulnerable to CVE-2026-1731. With basically zero egress, I implemented a timing oracle POC instead. Takes about 20 minutes to get the ls command output in this demo, but hey, it works! :D

Last Week in Security (LWiS) - 2026-02-09

"Negative-day" discovery (@spaceraccoonsec), Exploit gen with LLMs (@seanhn), Harmony LPE (@johnnyspandex + @buffaloverflow), NetSupport Manager RCE (@0xor_solo), Azure blob C2 (@KingOfTheNOPs + @senderend) and more!

blog.badsectorlabs.com/last-week-in...

Noone asked for this, but I'm trying to get more comfortable with qemu as a whole which has resulted in this overly fancy Qemu Machine Protocol (QMP) socket client, complete with dynamic schema parsing, event subscriptions and tab completion, because why not :P

A codex session with a message: "Applying patch carefully".

Thank you for applying the patch carefully.

an easy way to remember the difference between ssh -L and ssh -R is to try both until it works

PoC authentication bypass for telnetd.

Quick lunch time side quest building a simple lab to play with the inetutils-telnetd authentication bypass as disclosed on oss-sec ₁.

github.com/leonjza/inet...

₁ seclists.org/oss-sec/2026...

Really excited to present this Frida training @1ns0mn1h4ck.bsky.social with @ipmegladon.bsky.social and myself! If you've dabbled with Frida before, but want a practical learning opportunity to improve your usage and understanding, this one is for you!

We are excited to announce the CFP for the next tmp.0ut Volume 5!

tmpout.sh/blog/vol5-cf...

It's a nice feeling wrapping up some research! :D

Two blog posts just dropped - one with the details on the bloatware pwning shenanigans I was up to earlier in the year, and another on pipetap, a new Windows named pipe proxy/tool.

sensepost.com/blog/2025/pw...

sensepost.com/blog/2025/pi...

It’s almost time for my @BSidesCapeTown talk, and I’ve just open sourced pipetap. My Windows named pipe proxy & multi-tool. Excited to see what you do with it!

github.com/sensepost/pi...

Honestly excited for this years BSides Cape Town with fellow hackers and the @sensepost.com crew! See you soon Cape Town!

[BLOG]
This update solved a big issue I had with merging raw assembly into PIC. I cover the new linkfunc command and the updated addhook command.
rastamouse.me/pic-symphony/

GitHub - pard0p/LibPicoManager: LibPicoManager is a unified PICO management framework that provides centralized control over Position Independent Code Objects in shared memory, enabling dynamic code l... LibPicoManager is a unified PICO management framework that provides centralized control over Position Independent Code Objects in shared memory, enabling dynamic code loading, runtime PICO substitu...

LibPicoManager is a unified PICO management framework that provides centralized control over PICOs in memory, enabling dynamic code loading, runtime PICO substitution, and advanced evasion techniques like sleep masking through a single RWX code block.

github.com/pard0p/LibPi...

Where I'm going with this: we're in research territory. We may find patterns that just make sense as the way to tackle certain problems/architectural needs. And, in some cases, tightly coupling things may be the right answer.

Always keep the task/problem first, make elegance a lower priority aim.

🎟️ Early Bird tickets for Insomni'hack 2026 are live!

Join us in Switzerland for talks, CTF and networking with industry leaders.

Don’t miss out! Secure your spot now: https://ow.ly/iKes50XzTj3

#INSO26 #Cybersecurity #EthicalHacking #Event

Red Team Ops II Gain the knowledge and skills necessary to operate against advanced defences.

The new version of RTO II is finally available to purchase.
www.zeropointsecurity.co.uk/course/red-t...

Release 1.12.0 · sensepost/objection The, wow, finally, a release release! 😂 Honestly, there has been so much that has changed, and it's hard to thank and attribute to everyone that has contributed. To that end, thank you for your con...

We've been waiting 5 years for this: objection has been updated to 1.12.x with Frida17+ support. Thank you so much @leonjza.bsky.social and everyone who contributed!

github.com/sensepost/ob...

Thanks to @ipmegladon.bsky.social for updating the MASTG accordingly (OWASP/mastg/pull/3378)

I know it took long, and there is work to do, but I'm excited for getting back on track.

We changed two big things today.

1. Packaging is now using uv. While you can still pip install objection, you can now also run it with: uv run --with objection
2. Pushing updates to PyPi now happens on git tag, using trusted publishing: docs.pypi.org/trusted-publ....

Apart from all of the epic effort @ipmegladon.bsky.social and other contributors have put in, I'm really happy with the new CI. Manual pypi releases are no longer needed and we can finally move fast again with tagging which is huge.

It's... been a while since the last objection release got tagged. We finally landed a 1.12 release today which also means pypi is up to date again, and for the foreseeable future! Work never really stopped, and plenty of bug fixes are included. More in 🧵

github.com/sensepost/ob...

GitHub - singe/domain-probe: A utility to find identically configured domains and web-servers based on a pattern. Used to find phishing kits. A utility to find identically configured domains and web-servers based on a pattern. Used to find phishing kits. - singe/domain-probe

Made this last night, it’s useful for finding a large number of domains hosting phishing kits or malware based on a consistent pattern github.com/singe/domain-p… Might be useful for some of you.

Need to open doors from the outside without touching anything? Turns out thats possible with no touch sensors as @shifttymike.bsky.social details in his latest blog post.

sensepost.com/blog/2025/no...

The new kids use uv, so:

uv run raw.githubusercontent.com/sensepost/CV... !

Release 3.1.0 · sensepost/gowitness A new release, this time focussing on performance and various bug fixes! Thanks to all of the contributors! Enjoy! 🎉 New Refactor the chromedp driver, focussing on performance. The new implementat...

Landed a new gowitness release, this time focussing on performance! 🎉 v3.1.0

github.com/sensepost/go...

Tradecraft Engineering with Aspect-Oriented Programming It’s 2025 and apparently, I’m still a Java programmer. One of the things I never liked about Java’s culture, going back many years ago, was the tendency to hype frameworks that seemed to over-engin…

Tradecraft Engineering with Aspect-Oriented Programming

@rastamouse.me pretty much predicted what was coming in his last blog post. attach (Win32 APIs), redirect (local funcs), capability right-sized IAT hooks, and PICO function exports.

Yes, attach can incept its PIC.

aff-wg.org/2025/11/10/t...