Ghidriff (@clearbluejar), Linux exploitation (@kevin_backhouse), win32 keylogger (@_ixty_), BLUFFS bluetooth exploit (@francozappa), sleep lexer and parser (@mcbroom_evan), ring0 from VBA (@0xDISREL), and more!
O365 Phishing infra (@pfiatde), EvilSlackbot (@infosec_drewze), Sonos jailbreak (@alexjplaskett), DNS attacks (@timolongin), DNS rebinding attack (@_danielthatcher), and more!
2x macOS TCC bypasses (@gergely_kalman), Okta 🥷 (@nickvangilder), pcap analysis helper (@bartavelle), Mythic and Merlin C2 updates (@its_a_feature_ + @Ne0nd0g) and more!
Initial access and Bobber (@Flangvik), Slack 🍪 fun (@Tw1sm), attacking EDR (@dottor_morte), finding hard-coded secrets (@frycos), and more!
In-line PE runner (@s4ntiago_p), Citrix Bleed (@assetnote ), Cisco IOS XE PoC (@JamesHorseman2), LDAP auth (@lowercase_drm), fuzzer fundamentals (@h0mbre_), and more!
Windows LPE (@chompie1337), TPM Bitlocker deepdive (@itm4n@infosec.exchange), unhooking effects (@dazzyddos), CastGuard (@gsuberland@chaos.social), Apple OTA -> kernel hack (@patch1t), FalconHound (@olafhartong), GraphRunner (@dafthack), and more!
Looney Tunables Linux LPE (@qualys), Impending curl issue (@bagder), macOS gatekeeper bypass 0day (@_xpn_), firewall unauth RCE (@watchtowrcyber), sccmhunter update (@garrfoster), loaders (@mcbroom_evan), and more!
Nighthawk update (@MDSecLabs), Teams external splash bypass, MSI LPEs, and Zip+LNKs (@pfiatde), SCCM takeover (@_Mayyhem), .NET obfuscation (@eversinc33), JonMon (@jsecurity101), and more!
Cobalt Strike 4.9, 38TB of internal MS data, a crazy phish, an Okta toolkit, macOS LPE, and more!
Zero-click iOS exploits (@citizenlab), in-the-wild Chrome 0day, physical/mobile RE writeup (@elttam), Linux LPE (@SidewayRE), Protected Process Dumper (@tastypepperoni), and more!