🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Cobalt Strike 4.11 is out now! This release introduces a novel Sleepmask, a novel process injection technique, a new prepend reflective loader with new evasive options, asynchronous BOFs, DNS over HTTPs and more! cobaltstrike.com/blog/cobalt-st…

Beacon Object Files (BOFs) in C2 platforms limit developers. ow.ly/rQ2e50VjZBU Read NetSPI's blog post to explore a reference design for a new BOF portable executable (PE) concept that bridges the gap between modern C++ development and memory-executable C2 integration.

A little while ago I tweeted about a potential BOF-PE design. So here it is, a new design that includes a fully linked PE, C++ exceptions and use of the STL template library.

Had a lot of fun digging into COM stuff with bohops recently! We ended up finding a way to laterally move without dropping a file. ibm.com/think/news/fil…

Automatic browser SSO with a PRT on a victim device over an Outflank C2 implant 🥰 using ROADtools and some hackery from Max Grim

As promised... this is Loki Command & Control! 🧙‍♂️🔮🪄 Thanks to Dylan Tran for his work done on the project and everyone else on the team for making this release happen! github.com/boku7/Loki

RemoteMonologue - A Windows credential harvesting attack that leverages the Interactive User RunAs key and coerces NTLM authentications via DCOM. Remotely compromise users without moving laterally or touching LSASS. Hope you enjoy the blog & tool drop 🤟 ibm.com/think/x-force/…

Our red team is growing and we have a rare open position for a Principal RT Operator - if this sounds like you, get in touch 🙏 MDSec

Yes! We're doing the Infosec Kart Cup again! 🏎️🤘 Mark June 19 in your calendars, and reserve your spot now at infoseckartcup.nl! The 2024 edition was sold out.

My new blog for Check Point Research - check it out! 💙 // #ProcessInjection : #WaitingThreadHijacking

I spoke about the initial credential guard vulnerability at #SOCON2025, but I left out the part where the fix could be bypassed. Both bypasses have now been fixed which I cover in my blog post along with some juicy technical details. Enjoy.

Yearly blog post just dropped: Control Flow Hijacking via Data Pointers 🐸 Showcasing how to find your own in Binary Ninja, how to weaponize and write a shellcode stub etc. Hopefully people find it useful :) legacyy.xyz/defenseevasion…

BOF is out now, enjoy! 🐸 github.com/iilegacyyii/Da…

Centralized resource for listing and organizing known injection techniques and POCs: //#ProcessInjection

🧙‍♂️Loki project is up to 25 vulnerable ⚡️Electron apps! What features would you like to see added to Loki? Private beta has: 🧦SOCKS5 proxy 📝Task Queue 🛜C2 Server ⚡️Agent rewrite 🥷Evasion github.com/boku7/Loki

blog.es3n1n.eu/posts/how-i-ru…

👇 github.com/ly4k/Certipy/d…

🚀 We just released my research on BadSuccessor - a new unpatched Active Directory privilege escalation vulnerability It allows compromising any user in AD, it works with the default config, and.. Microsoft currently won't fix it 🤷‍♂️ Read Here - akamai.com/blog/security-…

Halfway through 2025 and our release counter is already in double digits with 11 shipped! Major highlights: - Async task support for OC2 -Portal overhaul - New BOF Loader - Enclave sleepmask in OC2 With more exciting releases to come, be sure to keep up: outflank.nl/products/outfl…

[BLOG] Dynamically Instrumenting Beacon with BeaconGate - For All Your Call Stack Spoofing Needs! cobaltstrike.com/blog/instrumen…