RE an iOS app (@inversecos), More Azure Managed Identity attacks (@_wald0), excellent hardware hacking (@matthiasdeeg), printer pwnage (@Nikaiw, @JRomainG, @_trou_), BloodHound false positive reduction (@simondotsh), Ghostwriter 3.0 (@cmaddalena), and more!
Confluence RCE, Open Redirect -> RCE (@ByQwert), U-Boot vulns (@NCCGroupInfosec), Azure Managed Identity attacks (@_wald0), Deep Learning password extraction (@harmj0y), LSASS cryptography (@SkelSec), and more!
Follina Word RCE (@_JohnHammond + @BillDemirkapi), PyPI CTX and PHPass compromise (@aydinnyunuss), Gargoyle w/ROP (@thefLinkk), Fuchsia OS kernel hacking (@a13xp0p0v), custom Cypher (@simondotsh), code audit process (@frycos), and more!
Nighthawk 0.2 (@MDSecLabs), Parallels VM escape write-up (@ret2systems), Rust supply chain attack (@juanandres_gs), DPAPI entropy capture (@merrillmatt011), HVCI "work-around" (@33y0re), S4U2* attacks (@theluemmel), and more!
GitHub OAuth token hack, security.txt RFC (@EdOverflow), channel binding bypass for LDAP (@lowercase_drm), #ExtraReplica (@sagitz_, @shirtamari, @nirohfeld, @ronenshh), Windows kernel driver fun (@_xpn_), prefetch on Apple Silicon (@jose_vicarte and team), and more!
Acrobat extension issues (@WPalant), ECDSA signature in Java vuln (@neilmaddog), GPO LPE (@decoder_it), SSN resolution from process structs (@modexpblog), AWS container escape (@yuvalavra), and more!
.NET execution with docx (@danonit), AV evasion masterclass (@_vivami), Phisher's errors (@Marco_Ramilli), global injection and hooking (@m417z), custom transport protocols in Burp(@pentagridsec), advanced fuzzing (@kasifdekel), coercing NTLM authentication from SCCM (@_Mayyhem), xss iframe traps (@hoodoer), patchless AMSI bypass (@_EthicalChaos_), and more!
Full Edge exploit (@33y0re), dynamic P/Invoke (@bohops), Veeam exploits (@SinSinology), macOS LPE (@patch1t), AV debugger (@PlowSec), SMB over QUIC (@_xpn_), and more!
Shared section abuse (@BillDemirkapi), ISOs and office MOTW (@DidierStevens), better fuzzing harnesses (@h0mbre_), PoshC2 Linux ELF loader (@jdsnape), "Event pipes" for IPC (@x86matthew), Linux LPE (@pqlqpql), .soap webshells (@0xbad53c), and more!