Since now it's fixed, here is an AI agent finding and exploiting ADCS ESC1 misconfiguration, then impersonating a domain admin and pwning the AD by performing DCSync by itself. Let's gooooo!!! I really want to see this getting fully automated now XD

Hi, Just wrote a keylogger that uses ONLY the Windows COM (Component Object Model). The only WINAPI functions it has is GetModuleHandleW (could be replaced with a custom implemented to remove the function invocation), and GetConsoleWindow (forwards to actual SYSCALLs, can't

Really cool repo I came across that reverses/reimplements LoadLibrary. Very useful to have a chart / code depicting what all happens and when github.com/paskalian/WID_…

> wake up > See new new detection bypass🥳 > Clickies omg new coolness 💖 > Bypass=Embed file in a file in a file > Cant-make-this-shit-up.exe 🤨 > Even better it was done in 2008?! Before you post "omg new bypass method 2025" make sure you take your meds grandpa 🤡 ❄️

Running out of good benchmarks? We introduce AutoAdvExBench, a real-world security research benchmark for AI agents. Unlike existing benchmarks that often use simplified objectives, AutoAdvExBench directly evaluates AI agents on the messy, real-world research tasks.

Can Nicholas Carlini retire and let LLMs take care of breaking adversarial examples defenses? For now, the answer is no... I really like this benchmark because it directly measures the ability to conduct *real* tasks in ML/security research (albeit in a narrow domain)

spend some time rewriting stardust to be more minimalist and easier to use! I needed a generic minimal shellcode template that works for both x86 and x64 out of the box so I rewrote stardust to do so. It is now written in C++20 and utilizing some of its language features. The

heres a fun trick you can do on the computer

I am excited to announce the first conference dedicated to the offensive use of AI in security! Request an invite at offensiveaicon.com. Co-organized by RemoteThreat, Dreadnode, & DEVSEC. The Call for Papers opens Tuesday, March 25, 2025, and will remain open until Friday,

We’re doing a thing with RemoteThreat and DEVSEC. offensiveaicon.com

I've got a few utility scripts that may be useful to folks using BloodHound for defense that I'm going to slowly release. The first is "DogDoor" to let the BloodHound back in. It appends to the SAMR and NetSessionEnum ACLs instead overwriting, which can break some applications.

The second utility script for the day is "Luminol" because it sees things BloodHounds can't see. It's designed to be ran as a Scheduled Task, and allows Operating Systems to do a Computer collection on themselves. This picks up creds used to run Services and Scheduled Tasks ...

Crowdsourcing my research. Anyone aware of a dataset of Windows process command line args? Doesn't need to be labeled or contain malicious command line, looking for more of an NLP style dataset.

TL;DR: We built a transformer-based payments foundation model. It works. For years, Stripe has been using machine learning models trained on discrete features (BIN, zip, payment method, etc.) to improve our products for users. And these feature-by-feature efforts have worked

New blog just dropped 🤠 I've spent hours boiling down why adversarial examples fundamentally exist, distilled down to technical crystal-clear explanations anyone can grasp. This is what I wish someone had given me months ago. Give it a read ❤️ boschko.ca/why-models-bre…

I'm seeing a concerning trend in the Infosec/Red Teaming space of brushing off AI as a fad or taking a "old man yells at cloud" stance. I implore everyone do not do this, whether you like it or not it's the future. Everyone should be building agents & learning how to work with

excited to finally share on arxiv what we've known for a while now: All Embedding Models Learn The Same Thing embeddings from different models are SO similar that we can map between them based on structure alone. without *any* paired data feels like magic, but it's real:🧵

Top 50 LLM Interview Questions :

Assignment 1 (get basic pipeline working): implement BPE tokenizer, Transformer architecture, Adam optimizer, train models on TinyStories and OpenWebText. Only PyTorch primitives are allowed (can’t just call torch.nn.Transformer or even torch.nn.Linear). github.com/stanford-cs336…