sometimes all nighters do be like that

Red teamers when someone tries to meaningfully categorize TTPs instead of putting another shitty shellcode loader on GitHub

It took a surprise live workshop delivery but I've now righteously earned this awesome @DEATHCon2024 creator coin (it even has a skull! 💀) Huge thanks to AH [email protected] and Olaf Hartong for an excellent event. Learned a lot and got to meet awesome people

🤣🤣🤣🤣

Any feedback is greatly appreciated!

L'ultima cosa vista dal CEO prima di essere fr3ddato da Luigi Mangione

Attacking an EDR Part 1 her0ness.github.io/2023-08-03-c2-… Part 2 her0ness.github.io/2023-09-14-Att… Part 3 her0ness.github.io/2023-11-07-Att…

it's a trap

can’t let them down

New Spikee tutorial! Learn how to test prompt injection in GenAI-powered apps (not just chatbots). ✅ Build a targeted dataset ✅ Use Burp Suite Intruder ✅ Test with Spikee’s Python custom targets For those working on LLM security & pentesting: 🎥👇 youtu.be/98W1zYj6jQ8

RIP truesight.sys, it was nice working with you… guess I can’t flex a kernel 0 day anymore.

Past doesn’t repeat, it rhymes cit. her0ness.github.io/2023-11-07-Att…

My latest blog post just dropped! This time it's about Entra 🆔 "High-Profile Cloud Privesc" revisits an old PowerShell trick to pivot from cloud to endpoint - or how to elevate to Global Admin from 'OneDrive Admin'-equivalent permissions labs.reversec.com/posts/2025/07/…

Vibe-coded AI startup 2025