If you’re a penetration tester, you know that lateral movement is becoming increasingly difficult, especially in well-defended environments. One common technique for remote command execution has been the use of DCOM objects

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly bridge LLMs with real-world offensive security capabilities.
www.hexstrike.com/

Cobalt Strike 4.11.1 is out now. This release introduces a new Sleepmask, a new process injection technique, new predefined obfuscation parameters for Beacon, asynchronous BOF files, and Beacon with DNS-over-HTTPS (DoH) support. We've also reworked the Beacon reflective loader and made numerous usability improvements.

The article discusses sophisticated call stack obfuscation techniques - using callbacks, tail calls, and proxy frames - to evade detection in exploitation and malware scenarios

A Web-based 3D Presentation Tool - Create stunning 3D presentations with animated transitions between slides.

We provide a structured systematization of obfuscation techniques and evaluate them under a unified framework. Specifically, we categorize existing obfuscation methods into three major classes (layout, data flow, and control flow) covering 11 subcategories and 19 techniques. We implement these techniques across four programming languages (Solidity, C, C++, Python) using a consistent LLM-driven approach, and evaluate their effects on 15 LLMs spanning four model families (DeepSeek, OpenAI, Qwen, LLaMA), as well as on two coding agents (GitHub Copilot and Codex). Our findings reveal both positive and negative impacts of code obfuscation on LLM-based vulnerability detection, highlighting conditions under which obfuscation leads to performance improvements or degradations

— 0.211.0 to 1.120.3
— 1.121.0

FOFA: app="n8n"
HUNTER : product.name="N8n"
ZoomEye: app="n8n"

Shellcode and In-PowerShell solution for patching AMSI via Page Guard Exceptions

AI-assisted penetration testing agent that enhances offensive security workflows by providing structured attack guidance, contextual analysis, and multi-backend AI integration.

Self-hosted, lightweight server and website monitoring and O&M tool

A legitimate open-source monitoring tool (post-exploitation RAT). Compatible with mainstream systems, including Linux, Windows, macOS, OpenWRT, and Synology. The agent provides SYSTEM/root level access, file management, and an interactive web terminal. VirusTotal shows 0/72 detections because it isn’t malware, it’s legitimate software pointed at attacker infrastructure.
Installation is silent. Detection only occurs when attackers execute commands through the agent.

SpicyAD is a C# Active Directory penetration testing tool designed for authorized security assessments. It combines multiple AD attack techniques into a single, easy-to-use tool with both interactive and command-line interfaces.

Extract data from modern Chrome versions, including refresh tokens, cookies, saved credentials, autofill data, browsing history, and bookmarks

CVE-2025-38001: Linux HFSC Eltree Use-After-Free - Debian 12 PoC
syst3mfailure.io/rbtree-family-drama

The dragon in the dark. A red team post exploitation framework for testing security controls during red team assessments.