How attackers think Join our webinar to learn how human pentesters uncover AI app flaws that tools miss, and how to balance automation with real attacker insight.

The venue was a nice touch too - the Computer History Museum in Ljubljana. Very hackerish energy for a security talk.

Curious how Razvan works in practice? Watch him run a full pentest workflow here: pentest-tools.com/webinars/how...

#offensivesecurity #infosec #cybersecurity #BSides

Razvan Ionescu, our Head of #OffensiveSecurity Services recently gave a heartfelt talk at #BSidesLjubljana. 🇸🇮

He shared the steps, mindset, and what actually worked for him in becoming the penetration tester he is today.

🔓 CVE-2025-33073 revives NTLM reflection attacks. Any domain user can hit SYSTEM on unpatched hosts without SMB signing.

Chain with unconstrained delegation → full domain compromise.

www.praetorian.com/blog/cve-202...

#offensivesecurity #activedirectory #theguardplatform #praetorian

Breaking into offensive security - Negative PID Offensive security roles attract people who enjoy thinking creatively, solving puzzles, and understanding systems from the inside out. Whether you want to

Breaking into offensive security

negativepid.blog/bre...

#OffSec #offensiveSecurity #ethicalHacking #redTeam #Cybersecurity #cyberattacks #cyberThreats #onlineSecurity #negativepid

UNbreakable România – Concurs Național de Securitate Cibernetică pentru Studenți și Liceeni

That’s how strong security communities grow: through practice, support, and a room for new people to welcome and nurture them.
Good luck to all finalists and bootcamp participants! Make the best of it! 👊
Learn more about UNbreakable România: unbreakable.ro
#offensivesecurity #infosec

Just Announced for BSides Luxembourg 2026!
𝗧𝗛𝗘 𝗦𝗣𝗬 𝗪𝗛𝗢 𝗟𝗢𝗚𝗚𝗘𝗗 𝗠𝗘 - 𝗪𝗛𝗘𝗡 𝗬𝗢𝗨𝗥 𝗫𝗗𝗥 𝗝𝗢𝗜𝗡𝗦 𝗧𝗛𝗘 𝗔𝗧𝗧𝗔𝗖𝗞𝗘𝗥𝗦 - Melina Phillips(@tx_princess )

Melina Phillips https://www.linkedin.com/in/melinaphillips-cissp/ is an Offensive Security Engineer with over 10 years of […]

[Original post on infosec.exchange]

This isn’t theory. This is real phishing ops. 💻 Learn how real att&ckers craft campaigns, bypass filters, and expl0it human behavior.

🚨 Limited time offer: $49 only: cyberwarfare.live/product/offe...

#Phishing #COPO #OffensiveSecurity #CyberWarFareLabs

Offensive security research hub Discover original 0-days, detailed advisories, and stories behind the offensive security research team at Pentest-Tools.com. Explore latest findings.

Chain it with PTT-2025-026 and you're looking at a 9.8 Critical unauthenticated RCE. One array to rule them all! 💍

Full PoC here: pentest-tools.com/research

#offensivesecurity #vulnerabilityresearch #infosec #accounttakeover

The demo makes one thing very clear: AI can speed up offensive security work, but it can also speed up bad decisions if you skip guardrails.

Need more reasons to keep the human in the loop?

Watch the full talk here: www.youtube.com/watch?v=x3z8...

#offensivesecurity #pentesting #llm #defcamp

Carter Ross from our team walks through what we've actually built, what we've learned, and why most detection stacks weren't designed for this reality.

It's worth the read! ➡️ buff.ly/Q6zYuSQ

#Praetorian #OffensiveSecurity #TheGuardPlatform

Open security and OffSec projects - Negative PID Security research is one of the areas where open source has had the deepest and most complex impact. Tools built openly are used to defend critical

Open security and OffSec projects

negativepid.blog/ope...

#OpenSource #OffSec #OffensiveSecurity #Cybersecurity #onlineSecurity #Internet #tech #IT #science #STEM #computing #AI #innovation #negativepid

Offensive security research hub Discover original 0-days, detailed advisories, and stories behind the offensive security research team at Pentest-Tools.com. Explore latest findings.

Our colleagues Matei "Mal" Bădănoiu and Raul Bledea did the digging. Full PoC and exploit is added here: pentest-tools.com/research

#offensivesecurity #vulnerabilityresearch #infosec

HttpOnly blocks document.cookie — but endpoints reflecting cookies in the response body bypass it entirely. 🔒

Our team chained XSS + GhostScript injection for full RCE. No zero-days.

📖 www.praetorian.com/blog/httponl...

#OffensiveSecurity #AppSec #TheGuardPlatform #Praetorian

Autonomous Offensive Security Firm XBOW Raises $120M at $1B+ Valuation Autonomous offensive security company XBOW raised $120 million in a Series C round to scale its AI-driven platform that discovers and validates software vulnerabilities autonomously. The funding, led by DFJ Growth and Northzone and valuing XBOW at over $1 billion, will accelerate product innovation, international expansion, and efforts to keep defenders...

XBOW secures $120M in Series C at a $1B+ valuation to boost its AI-driven platform that autonomously identifies and validates software vulnerabilities. Funding led by DFJ Growth and Northzone. #OffensiveSecurity #AIPlatform #USA

This Startup’s AI Beat 99% Of Humans In Six Elite Hacking Competitions www.forbes.com/sites... #cybersecurity #AI #AIHacking #OffensiveSecurity #AIAgent #AgenticAI #Tenzai #CTF

Open security and OffSec projects - Negative PID Security research is one of the areas where open source has had the deepest and most complex impact. Tools built openly are used to defend critical

Open security and OffSec projects

negativepid.blog/ope...

#OpenSource #OffSec #OffensiveSecurity #Cybersecurity #onlineSecurity #Internet #tech #IT #science #STEM #computing #AI #innovation #negativepid

Project V - Building the Ultimate Offline AI Testing Rig with Kali 2025.4 & Ollama llama 3 Geek time, so unless you have been in a sandbox this week or not been paying attention the team at Kali Linux dropped 2025.4, you know the landscape is shifting. With the complete transition to Waylan...

Unless you have been in a sandbox this week or not been paying attention the team behind Kali Linux dropped version 2025.4 with Ollama Llama 3 and Openwebui support, quick build guide with tests and cool results here! #BrainBytes #OffensiveSecurity #ProjectV
www.brainbytes.info/post/project...

Interested in the dark witchcraft of Windows Kernel Exploitation? Check out our training courses:
www.exploitpack.com/collections/...

#cybersecurity #exploitdevelopment #vulnerabilityresearch #windowskernel #exploitdev #reverseengineering #offensivesecurity #infosec #cyberattack #training

Exciting job opportunity! Replit is hiring an Offensive Security Engineer. This full-time, hybrid role is based in Foster City, CA with a salary range of $188,000 to $313,000 per year. #OffensiveSecurity #JobOffer

It also explains how Pentest-Tools.com validates findings across web, network, API, and cloud so teams spend less time re-checking and more time fixing.

Because more is NOT better. Get more arguments for internal debates from here: pentest-tools.com/usage/accuracy

#infosec #offensivesecurity

Many thanks to Matei Badanoiu, Raul Bledea and Eusebiu Boghici for their contributions.

#offensivesecurity #vulnerabilityresearch #pentesting #infosec

Out of curiosity: how often do you still run into 10+ year-old libraries during engagements?

Demo time! The place where tools behave perfectly… until you hit “Start.” 😅

We’ve launched a bi-weekly demo series where #offensivesecurity practitioners show how they *actually* use Pentest-Tools.com in real workflows.

youtu.be/TXoFOyOlyec?...

The IoT and OT cyber fields are very interesting!

#offensivesecurity #CyberSecurity #iotsecurity #otsecurity

Our #offensivesecurity team - led by Matei Badanoiu (CVE Jesus) - publishes original research: newly discovered vulnerabilities, deep technical write-ups, and full exploit chains built from real-world investigation.

2️⃣ False positive fatigue

Your scanner flags 40 “critical” issues. Half won’t reproduce.

Validated findings with HTTP logs, exploit traces, and attack replay options let you focus on what’s really exploitable, not what’s noisy.

#offensivesecurity #penetrationtesting #vulnerabilitymanagement

From COFF compilation to in-memory execution — understand what really happens inside a Beacon Object File. Tradecraft isn’t magic. It’s engineering.

🎯Read the blog now: cyberwarfare.live/the-anatomy-...

#Blog #OffensiveSecurity #AdversaryEmulation #CobaltStrike #CyberSecurity #CWL

Vulnerability assessment reporting - Pentest-Tools.com

How much of your vulnerability assessment time actually goes into reporting?

Not scanning.
Not validating.
Reporting.

Formatting findings. Cleaning exports. Re-checking evidence. Creating tickets.

#vulnerabilitymanagement #offensivesecurity #infosec

The next evolution in 𝒑𝒉𝒊𝒔𝒉𝒊𝒏𝒈 tradecraft is here. Introducing 𝐂𝐞𝐫𝐭𝐢𝐟𝐢𝐞𝐝 𝐎𝐟𝐟𝐞𝐧𝐬𝐢𝐯𝐞 𝐏𝐡𝐢𝐬𝐡𝐢𝐧𝐠 𝐎𝐩𝐞𝐫𝐚𝐭𝐨𝐫 (𝐂𝐎𝐏𝐎). Built for operators. Designed for realism.

🎯 𝐏𝐫𝐞-𝐫𝐞𝐥𝐞𝐚𝐬𝐞 𝐝𝐫𝐨𝐩𝐬 𝐭𝐨𝐝𝐚𝐲. Stay tuned: cyberwarfare.live

#COPO #OffensiveSecurity #CyberSecurityCertification #NewCourse #CyberTraining #CWL

Build trust with professional pentest reports - Pentest-Tools.com

Are your pentest reports DDoS-ing your stakeholders with huge reports they don't have time to read?

It's 2026, AI is everywhere, but reporting is still a grind. Here's how we help:

#offensivesecurity #cybsersecurity #infosec

Want to evaluate how Pentest-Tools.com fits into your security stack with someone who already understands your environment?

Our partners across 37 countries help you add accurate #offensivesecurity testing and monitoring without adding process chaos or tool sprawl.