GitHub OAuth token hack, security.txt RFC (@EdOverflow), channel binding bypass for LDAP (@lowercase_drm), #ExtraReplica (@sagitz_, @shirtamari, @nirohfeld, @ronenshh), Windows kernel driver fun (@_xpn_), prefetch on Apple Silicon (@jose_vicarte and team), and more!
Acrobat extension issues (@WPalant), ECDSA signature in Java vuln (@neilmaddog), GPO LPE (@decoder_it), SSN resolution from process structs (@modexpblog), AWS container escape (@yuvalavra), and more!
.NET execution with docx (@danonit), AV evasion masterclass (@_vivami), Phisher's errors (@Marco_Ramilli), global injection and hooking (@m417z), custom transport protocols in Burp(@pentagridsec), advanced fuzzing (@kasifdekel), coercing NTLM authentication from SCCM (@_Mayyhem), xss iframe traps (@hoodoer), patchless AMSI bypass (@_EthicalChaos_), and more!
Full Edge exploit (@33y0re), dynamic P/Invoke (@bohops), Veeam exploits (@SinSinology), macOS LPE (@patch1t), AV debugger (@PlowSec), SMB over QUIC (@_xpn_), and more!
Shared section abuse (@BillDemirkapi), ISOs and office MOTW (@DidierStevens), better fuzzing harnesses (@h0mbre_), PoshC2 Linux ELF loader (@jdsnape), "Event pipes" for IPC (@x86matthew), Linux LPE (@pqlqpql), .soap webshells (@0xbad53c), and more!
RCE on a NAS (@alexjplaskett, @saidelike, and @FidgetingBits), Double Fetch vulns (@N1ckDunn), Razer LPE (@matthiasdeeg), DFIR cloud automation (@ZawadiDone), Ubuntu LPE (@ETenal7), and more!
Browser in the Browser (@mrd0x), OSINT Map (@MalfratsInd), Rust packer (@verixvogel), local Kerberos to bypass UAC (@tiraniddo), crash to read/write in Chakra (@33y0re), AtlasC2 (@Gr1mmie), detecting Shadow Credentials (@cfalta ), and more!
Embedded reversing (@zi0Black), SQL injection despite prepared statements (@Dooflin5), AutoWarp Azure token leak (@Yanir_), Viscosity DPAPI defeat (@checkymander), password tricks without mimikatz (@n00py1), Chakra exploitation (@33y0re), rethinking phishing assessments (@matterpreter), and more!
Stealing GitHub secrets (@not_an_aardvark), TeamsImplant (@allevon412), Nimcrypt2 (@icyguider), VMware RCEs (@elk0kc), LdapSignCheck (@cube0x0), yaradbg.dev (@DissectMalware), and more!
VMware RCEs (@__mn1__ and @elk0kc), un-redacting text (@2600AltF4), undetectible AirTags (@positive_sec), Kerberos relaying via DNS (@_dirkjan), tmp.Out volume 2 (@tmpout), tclsh macOS dylib loading (@_D00mfist), Athena agent (@checkymander), and more!