Sudo LPE (@bl4sty), Cobalt Strike patching for evasion (@_xpn_), web bruteforcing (@Xst3nZ), customizing phishlets (@Bb_hacks), Kerberos LPE on Linux (@xassiz), shared file C2 (@scriptmonkey_), homograph tool (@evilsocket), and more!
DNS C2 sandwiches (@__Masq__), VBA process dumper (@JohnWoodman15), Windows Printer + NTLM relay fun (@aionescu + @eyal_karni), VM detection trick (@gsuberland), Anti-debugging with jobs (@JustasMasiulis), and more!
Containerd breakout PoC (@ChaosDatumz), the "glue" principle (@theluemmel), lockscreen bypass (@jonasLyk), VBox escape 0day (@Sauercl0ud), beacon shellcode generator (@ryanstvnson), browser backdoor (@_batsec_), nim obfuscation (@LittleJoeTables), and more!
Thread hijack BOF (@33y0re), anti-debugging tricks (@JustasMasiulis), leaking private YT videos (@xdavidhu), SysWhipers2 (@Jackson_T), Google Titan 🔑 side channel (@victorlomne), lsass handle reuse (@Jean_Maes_1994), and more!
SolarWinds news and dumping tool (@mubix), Android exploit from an iOS exploiter (@_bazad), C# runtime dependency resolution (@Jean_Maes_1994 + @_RastaMouse), direct syscalls in BOFs (@OutflankNL + @ajpc500), C# from Nim (@ShitSecure), Ubuntu LPE (@scannell_simon), and more!
Great breach analysis (@FireEye), HTTPS Signing in Burp (@sanktjodel), Ghidra VirusTotal plugin (@kasifdekel), Dynamic API hook evasion (@matterpreter), EDR hook detection in VBA (@TheXC3LL), Kerberos Bronze Bit attack (@jakekarnes42), PtH methods (@n00py1), and more!
Remote iOS RCE (@i41nbeer), decrypting AutoLogon creds (@secure_sean), the Unprotect Project (@fr0gger_ + @DarkCoderSc), C2 in C++ book (@shogun_lab), depixelization tool (@spibblez), SharpMapExec (@cube0x0), and more!
OffSecOps setup (@xenosCR), direct syscalls in CobaltStrike (@brsn76945860), VBA DLL linking (@rd_pentest), advanced red teaming (@BorjaMerino), invoking managed code in .NET DLLs (@_xpn_), shellcode execution via PostgreSQL extensions (@DarkCoderSc), and more!
New macOS C2 (@cedowens), Nim implant (@NotoriousRebel1), x64 AMSI bypass in VBA (@rd_pentest), VBA purging tool (@h4wkst3r/@AndrewOliveau), macOS privesc via MS Teams (@theevilbit), Kali tool developer partnership (@kalilinux/@byt3bl33d3r), and more!
AV bypasses for common C2s (@ShitSecure), Big Sur firewall bypass (@patrickwardle), 10 vulns in Bitdefender (@0xlandave), Win7 LPE (@itm4n), COM mapping tool (@hotnops), hooks for Windows password dumping (@last0x00), and more!