Nitrix0

I've added like, 90 papers on malware development and malware detection. The stuff I've added ranges from kernel mode stuff, to how to hide malware stuff on the BlockChain, to detecting SYSCALL evasion, blah blah blah. It's about 50% of my backed up papers-to-add that I've had building up since my son was born. Mrs. Smellington has been watching the baby while I lock in, archive the papers, and sync them to prod. Thank you, Mrs. Smellington, for allowing me to add all of these papers for these stinky nerds. It is very important nerds have this stuff. You can view the MASSIVE update here: https://t.co/tlH7brTNZF

C̶l̶a̶u̶d̶e̶ ̶B̶u̶g̶ ̶H̶u̶n̶t̶e̶r̶ is now BUG HUNTER. We changed the name because it is no longer limited to Claude Code. Now it is a standalone open-source CLI that runs from any terminal. Use Ollama, Groq, DeepSeek, Claude, OpenAI or Grok. Built for the bug bounty community. Run it locally with Ollama - no paid AI subscription required. We are very close to 2.5K GitHub stars. Let’s make it happen, guys. More updates coming soon. #OpenSource #BugBounty #CyberSecurity #AI #EthicalHacking #Ollama #GitHub #SecurityTools #BugHunter

A Detailed Guide on AI-Powered Nmap Using ShellGPT 🔥 Telegram: https://t.co/upuP8k8ckB ✴ Twitter: https://t.co/Za7rYILz6E ShellGPT brings the power of AI directly into your terminal, allowing you to generate Nmap commands, automate reconnaissance tasks, and simplify complex command-line operations using natural language prompts. 📚 What You’ll Learn in This Guide 🤖 Introduction to ShellGPT & AI-Assisted Pentesting ⚙️ Installing & Configuring ShellGPT 🔑 Setting Up OpenAI API Access 💻 Using Natural Language to Generate Nmap Commands 🔍 Host Discovery & Network Enumeration 📡 Port Scanning & Service Detection Automation 🛠️ Vulnerability Assessment with AI-Generated Commands 📋 Creating Custom Nmap Scan Profiles 🚀 Automating Reconnaissance Workflows 📊 Improving Productivity During Security Assessments 🧠 Best Practices for AI-Assisted Command Generation 🛡️ Security Considerations & Limitations of AI Tools 📖 Article: https://t.co/VeiJvrNcJj #CyberSecurity #Nmap #ShellGPT #AI #Eth

Passwords & Credentials 1. John the Ripper Classic password hash cracker supporting multiple algorithms (DES, MD5, bcrypt, NTLM) with dictionary, brute-force, and incremental modes. 2. Hashcat High-performance GPU-accelerated password recovery tool. Supports 300+ hash types, multiple attack modes (dictionary, mask, hybrid, rule-based), and distributed cracking. 3. Medusa Parallel network authentication brute-forcer. Supports SSH, FTP, HTTP, SMB, RDP, and more designed for speed and reliability across multiple targets. 4. Crunch Custom wordlist generator. Create dictionaries based on character sets, patterns, and length ranges. Ideal for targeted brute-force attacks. 5. CeWL Website content scraper that builds custom wordlists by crawling a target site. Perfect for generating context-aware password dictionaries. 6. RockYou.txt Legendary leaked password database (~14M entries). Still one of the most effective starting points for dictionary attacks. 7. SecLists Massive curated collection of wordlists for fuzzing, brute-forcing, and reconnaissance: usernames, passwords, URLs, payloads, and more. 8. Mimikatz Post-exploitation tool for extracting credentials from Windows: LSASS memory, SAM database, Kerberos tickets, and DPAPI secrets. 9. LaZagne Local credential recovery tool. Retrieves passwords from browsers, Wi-Fi configs, Git, databases, and dozens of other applications. 10. Responder LLMNR/NBT-NS/mDNS poisoner. Captures NTLM hashes from network broadcast requests essential for internal network assessments. 11. Credential Ninja Windows credential harvesting tool. Extracts saved passwords, API keys, and tokens from local storage and application configs. #Password #Bruteforce #Tools #InfoSec #CyberSecurity #EthicalHacking #Pentesting #RedTeam #CredentialHarvesting #SecurityTools #MrRobot #CyberSec #OffensiveSecurity

Claude-BugHunter — Turn Claude Code into a Senior Bug Hunter & Red Team Operator 🤖💀 A powerful skill bundle built for bug bounty hunters and external red teams. • 51 specialized security skills • 15 slash commands for automated workflows • 681 real disclosed report patterns • Coverage across Web, API, Cloud, OAuth, SAML, GraphQL, SSRF, IDOR, XSS, RCE & more • Enterprise attack paths for M365, Okta, VPNs, SharePoint & VMware • Built-in triage, validation, reporting & evidence hygiene workflows • Burp MCP integration and engagement tracking From recon and vulnerability discovery to validation and report writing, Claude automatically loads the right skills based on what you're testing. 🔗 https://t.co/89R7Cx20oz #BugBounty #RedTeam #Pentesting #CyberSecurity #InfoSec #OSINT #ClaudeCode #AppSec

One of the most frequent questions I'm asked is "how do you stay up to date on malware stuff?" Okay, here is a pro tip: 1. Google OTX AlienVault 2. Make account 3. Look at latest 4. Scroll until you find posts from a guy named Petr something-something (has numbers in his name). 4. Follow his account He monitors all the big malware places and shares the URL, hashes, etc. from malware vendors. I've been following this random ass dude for years and getting updates on everything. I have no idea who he is. I don't know where he's from. All I know is his setup is absolute fire and he keeps you up to date on literally everything malware related 24/7 365. He also has stuff from vendors in China, Russia, Japan, etc. Every morning I log into OTX and check up on my boy Petr to see what fire he's bringing me. I love him.