SolarWinds news and dumping tool (@mubix), Android exploit from an iOS exploiter (@_bazad), C# runtime dependency resolution (@Jean_Maes_1994 + @_RastaMouse), direct syscalls in BOFs (@OutflankNL + @ajpc500), C# from Nim (@ShitSecure), Ubuntu LPE (@scannell_simon), and more!
Great breach analysis (@FireEye), HTTPS Signing in Burp (@sanktjodel), Ghidra VirusTotal plugin (@kasifdekel), Dynamic API hook evasion (@matterpreter), EDR hook detection in VBA (@TheXC3LL), Kerberos Bronze Bit attack (@jakekarnes42), PtH methods (@n00py1), and more!
Remote iOS RCE (@i41nbeer), decrypting AutoLogon creds (@secure_sean), the Unprotect Project (@fr0gger_ + @DarkCoderSc), C2 in C++ book (@shogun_lab), depixelization tool (@spibblez), SharpMapExec (@cube0x0), and more!
OffSecOps setup (@xenosCR), direct syscalls in CobaltStrike (@brsn76945860), VBA DLL linking (@rd_pentest), advanced red teaming (@BorjaMerino), invoking managed code in .NET DLLs (@_xpn_), shellcode execution via PostgreSQL extensions (@DarkCoderSc), and more!
New macOS C2 (@cedowens), Nim implant (@NotoriousRebel1), x64 AMSI bypass in VBA (@rd_pentest), VBA purging tool (@h4wkst3r/@AndrewOliveau), macOS privesc via MS Teams (@theevilbit), Kali tool developer partnership (@kalilinux/@byt3bl33d3r), and more!
AV bypasses for common C2s (@ShitSecure), Big Sur firewall bypass (@patrickwardle), 10 vulns in Bitdefender (@0xlandave), Win7 LPE (@itm4n), COM mapping tool (@hotnops), hooks for Windows password dumping (@last0x00), and more!
New Mythic agent (@djhohnstein), mobile app interception tools (@EvilPenguin_), CobaltStrike 4.2 and C2 docs (@AndrewChiles), AD post-ex toolkit (@FuzzySec), proxy awareness for CS (@lefterispan), user-mode unhooking ( @slaeryan), and more!
NAT Slipstreaming by @samykamkar, a new AV evasion method by @jxy__s, Kerberoasting in pure VBA by @TheXC3LL, Linux LPE by @scannell_simon, browser extension vulnerabilities from @WPalant, new Maldoc techniques from @Matt_Grandy_, a new autonomous red team tool from @privateducky and team, and more!
LOLBin post from @bohops, new Excel macro tool from @JoeLeonJr, Windows sandbox detection by @LloydLabs, macOS LPE by @0xm1rch, how to use Azure passwords by @kfosaaen, a review of low cost pentests by @_sophron, and more!
Ryzen Driver LPE by @h0mbre_, Discord desktop RCE by @kinugawamasato, Azure Pipeline abuse by @Flangvik, macOS TCC tricks by @_xpn_, AWS enumeration bug by @Frichette_n, new loader from @Cribdragg3r, and more!