tmap
@tm4p.bsky.social
Purple Team FTW | 👨‍💻🎸
Reposted by tmap
Okay, I finally learned enough Kdenlive to mash together a more formal video on the general process I took to reverse engineer this device and write my own shitty drivers with python, hope you enjoyyyy :)

#reverseengineering #python #linux

youtu.be/6yd1vC0Turs
Reverse Engineering: Making USB device drivers for Linux with Python!
YouTube video by ReversingForFun
September 12, 2025 at 12:40 PM
Reposted by tmap
Today I have a more serious topic than usual, please consider reposting for reach:

My wife and I are urgently looking for a specialist in neuropediatrics or a similar field for our autistic child with a diagnosed, but not further specified, movement disorder [1/4]
August 19, 2025 at 8:34 AM
Reposted by tmap
👋🏿 Hackers!

Are you a Red Teaming Wizard 🧙🏿 looking for a new challenge? @shielder.com is hiring a Red Teaming Lead to join our crew!

More info ⬇️ (share appreciated) #hiring #redteaming
romhack.io/job-opportun...
RomHack - Job opportunities
Check for RomHack sponsor's job opportunities
August 7, 2025 at 7:38 PM
Reposted by tmap
do not upload your photo to any ID verification service to BROWSE THE INTERNET i am being so serious id much rather buy a vpn. learn how to pirate. this data is so obviously going to be used in nefarious ways
July 30, 2025 at 9:20 PM
Reposted by tmap
Working with folks from @lucasfilm.bsky.social, @ilmvfx.bsky.social, and Apple to secure some of the OSS foundations the movie and entertainment industries rely on was so cool!

Big shout-out 📣 to the @ostifofficial.bsky.social and ASWF for making this possible.
🚨 New Open Source Audit Alert! 🚨

Shielder, with @ostifofficial.bsky.social & ASWF audited OpenEXR and MaterialX:
🔍 11 issues found (1 critical, 3 still to be published)
✔️ Most fixed, others planned
🗣️ ndaprela @smaury.bsky.social @suidpit.bsky.social @thezero.org

Full details in the blog post ⬇️🧵
July 31, 2025 at 3:23 PM
Reposted by tmap
🚨 *Attention!* We were made aware of a fake “KeePassXC Password Manager Pro” repository on GitHub that links to unverified external binary downloads.

- There is NO Pro version of KeePassXC!
- You get all the “Pro” features with the regular version.

1/2
May 21, 2025 at 6:45 AM
Reposted by tmap
Hey artists! Would you like to have your art featured in the print edition of Phrack 72? You can email us at arts@phrack.org
April 18, 2025 at 6:29 PM
Reposted by tmap
Save the date - BlackHoodie will be offering a free reverse engineering training for women by women in Stockholm at @sec-t.bsky.social conference on September 10th! Thanks to the wonderful people of SEC-T ♥️
April 8, 2025 at 6:43 PM
this.
I can't believe it's 2025 and we're still embracing "turn all your employees into infallible cybersecurity experts who can reliably identify 'suspicious links'" as a cybersecurity control. If a single employee clicking a link can bring down your entire org, you never had cybersecurity to begin with.
March 27, 2025 at 7:45 PM
Any other words you recommend to mute?
February 14, 2025 at 3:24 PM
Reposted by tmap
Backdoor my ass! At most... usual Chinese poor design choices... 🥲
February 14, 2025 at 1:58 PM
Reposted by tmap
🌟New report out today!🌟

Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware

Analysis & reporting completed by @r3nzsec, @MyDFIR & @MittenSec.

Audio: Available on Spotify, Apple, YouTube and more!

thedfirreport.com/2025/01/27/c...
Key Takeaways This intrusion began with the download and execution of a Cobalt Strike beacon that impersonated a Windows Media Configuration Utility. The threat actor used Rclone to exfiltrate data…
January 27, 2025 at 12:55 PM
Reposted by tmap
I wrote a PoC for the recent Ivanti Connect Secure stack buffer overflow, CVE-2025-0282, based on the exploitation strategy watchTowr published, along with an assessment of exploitability given the lack of a suitable info leak to break ASLR: attackerkb.com/assessments/...
January 16, 2025 at 3:52 PM
Reposted by tmap
IBM X-Force's Logan Goins has released Krueger, a .NET tool for remotely killing EDR using the Windows Defender Application Control (WDAC) utility

github.com/logangoins/K...
GitHub - logangoins/Krueger: Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC
December 26, 2024 at 1:46 PM
Reposted by tmap
Santa's early w/ a new #BloodHoundBasics post!🎅

Looking for new Attack Paths to the domain? 🔎
BH v6.3 introduces CoerceToTGT.
The edge connects principals w/ unconstrained delegation to the domain, as attackers can use those to coerce privileged computers & retrieve their TGT.
December 20, 2024 at 7:43 PM
Reposted by tmap
New module on #NetExec : wam
Dump #Entra access tokens from Windows Token Broker Cache, and make your way to Entra 🚀

Thanks @xpnsec.com for the technique! More info on his blog : blog.xpnsec.com/wam-bam/
December 18, 2024 at 4:26 PM
Reposted by tmap
Python tool that converts Microsoft Defender Antivirus Signatures (VDM) into YARA rules.

https://github.com/t-tani/defender2yara
GitHub - t-tani/defender2yara: Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules
December 14, 2024 at 4:38 AM
Reposted by tmap
Working in it .... 😇

www.youtube.com/watch?v=fUqC...
December 13, 2024 at 7:49 PM
Reposted by tmap
A companion blog to my Bluehat 2024 presentation on OleView.NET is up now. googleprojectzero.blogspot.com/2024/12/wind...
December 12, 2024 at 11:32 PM
Reposted by tmap
i think we should have let the flash plugin live and just allow it to give u viruses. kids these days do not get enough viruses on their computer
December 10, 2024 at 11:09 PM
Reposted by tmap
New #AADInternals version is finally out now:
▪ Moved endpoint related stuff to new module: AADInternals-Endpoints
▪ Added blue team stuff
▪ Added red team stuff

See full change log at: aadinternals.com/aadinternals...
December 10, 2024 at 4:53 PM