: Hallucinated package names fuel 'slopsquatting'

一个基于 Nostr 去中心的匿名远程控制工具 A decentralized anonymous remote control tool based on Nostr - ClarkQAQ/nrat

Tools for maintaining access to systems and proof-of-concept demonstrations. - hackerhouse-opensource/backdoors

CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File - 0x6rss/CVE-2025-24071_PoC

A powerful, modular, lightweight and efficient command & control framework written in Nim. - hdbreaker/Nimhawk

Offensive GPO dumping and analysis tool that leverages and enriches BloodHound data - cogiceo/GPOHound

Cisco Talos discovered a sophisticated attack on critical infrastructure by ToyMaker and Cactus, using the LAGTOY backdoor to orchestrate a relentless double extortion scheme.

A researcher reveals an unpatched Windows LNK flaw that allows UNC-based remote execution and NTLM hash capture. Microsoft declined to issue a fix.

Vintage is another pure AD box, this time at Hard level. I’ll start with creds, and use them to collect Bloodhound data, which shows a computer object that’s a member of the Pre-Windows 2000 Compatible Access group. This means I can guess it’s password, and…

Lessons learned and observed while experimenting with code signing and cloning file attributes.

CTF solutions, malware analysis, home lab development

AI/LLM local model integration for analysis of reconftw results - six2dez/reconftw_ai

This blog post will shed some light on what's behind AMSI (roughly, but hopefully easy to understand) and how you can still effectively bypass it - more than four years later.

CVE-2025-31644: Command Injection in Appliance mode in F5 BIG-IP - mbadanoiu/CVE-2025-31644

While I was reading Elad Shamir recent excellent post about NTLM relay attacks, I decided to contribute a companion piece that dives into the mechanics of Kerberos relays, offering an analysis and …