A new DLL hijacking finder from @CTXIS, the dangers of window.opener.postMessage by @zoczus, Windows Telemetry LPE by @vm_call, certutil.exe LOLBin replacement from @gal_kristal, a digital sticky note reader from @two06, and more!
1,566 hijackable DLLs in Windows 10 from @Wietze, a Bitdefender RCE from visiting a website by @WPalant, CobaltStrike Beacon Object File implementations start dropping (like @ilove2pwn_'s), a Docker Desktop for Windows LPE from @spaceraccoonsec, and more!
Bypassing CSP with Google Analytics by @amirshaked, @itm4n drops yet another Windows LPE, @OptivSourceZero/@Tyl0us advance the state of the art in Windows domain password spraying, and more!
A new tunneling tool from @shantanukhande, new rootkit tradecraft and kernel mode payload from @zerosum0x0, XSS via copy and paste by @securitum_com, @ZecOps drops a Windows 10 unauth RCE, and more!
A new Windows C implant from @_batsec_, a tool to detect .NET in memory by @domchell, big updates to Covenant from @cobbr_io, a new process injection technique from @0x00dtm, and more!
A new HTTP tool from @pdiscoveryio, @TheXC3LL writes about a novel process injection technique for Windows, a new way to hide data in the registry by @Jackson_T, @CurtBraz shows off a trick for keeping phishing sites alive for longer, and more!
iOS 0day, privacy news, a patch diffing exploit from @matteomalvica, @404death drops a powerful Windows LPE primitive, @BillDemirkapi manages to execute shellcode in the kernel with Trend Micro's RootKit Remover, and more!
A COM-based lateral movement from @bohops, a new potato windows LPE variant from @splinter_code, a local Windows brute forcer from @DarkCoderSc, and more!
Evil-Maid attacks make a comeback thanks to @0Xiphorus, 2FA interception by @0x09AL, new .NET C2 by @_RastaMouse, a simple but powerful trick from @tiraniddo to disable any protected service on Windows, and more!
Wormable account takeover via GIF in MS Teams by @CyberArk, asynchronous password spraying in C# by @ustayready, NTLM relay improvements from @SecureAuth, Chrome extension hacking and defense by @IAmMandatory, and more!