BYOVD is a well-known technique commonly used by threat actors to kill EDR 🔪
However, with the right primitives, you can do much more.
Find out how Luis Casvella found and exploited 4 vulns (CVE-2025-8061) in a signed Lenovo driver.
👇
https://t.co/yKVfTYi61L
Introducing Havoc Professional: A Lethal Presence
We’re excited to share a first look at Havoc Professional, a next-generation, highly modular Command and Control framework, and Kaine-kit our fully Position Independent Code agent engineered for stealth!
https://t.co/0aPVihoFIU
🧪 New technique: DreamWalkers
A reflective shellcode loader that crafts a synthetic, clean call stack.
Achieving stealthy execution from memory-mapped modules.
🔗 https://t.co/kYLmaVkn5Z
#MalwareResearch#RedTeam#WindowsInternals#OffSec
Thank you all for joining the Star Wars NetExec workshop at @_leHACK_ 2025 with @_zblurx & @wil_fri3d 🔥🪐
50 hackers, 1 room, 2 domains to pwn! 💥
🥇 @LeandreOnizuka takes the win 🏆
🥈 @wfrnds1 in second place
Full write-up by @LeandreOnizuka 📝👇
https://t.co/AxI7CbsHfW
The Offensive Phishing Operations Course has been released.
81 modules are included in the initial launch, with the first update already being worked on.
More information: https://t.co/Jza6kUSb4W
Syllabus: https://t.co/SotB46YmMX
spend some time rewriting stardust to be more minimalist and easier to use! I needed a generic minimal shellcode template that works for both x86 and x64 out of the box so I rewrote stardust to do so.
It is now written in C++20 and utilizing some of its language features. The template can be used to easily write shellcode fast in a more modern and less painful way.
The project can be compiled in release or debug mode, where as debug mode will just allow the use of DBG_PRINTF, which calls DbgPrint under the hood to print out strings to the currently attached debugger.
There are more things i have added so consider checking it out. I removed global variable access since i no longer use it nor require it (went for diff design heh). If u still need that feature I would recommend to change the branch to "globals-support" where the old version is hosted.
https://t.co/xjM3y9dTW3
🚀 Big Announcement! 🚀
After 8+ years of working on PayloadsAllTheThings, I’m excited to release it as an ebook on Leanpub! 📖✨
To celebrate, I’m gifting 5 free copies to random retweeters! 🔥
👉 Retweet for a chance to win
Thank you all for your incredible support! 🙌
This cheatsheet has been a labor of love and countless hours of dedication.
👉 Grab your copy now: https://t.co/SNs7mSgXAJ
The results will be announced on 25th December. Entries will close Tuesday 24th, December at 12:00 PM (GMT) 🕐
#CyberSecurity #Infosec #PayloadsAllTheThings #EbookRelease
🌧️ On a rainy day, I dove into Pokémon Yellow glitches. Ever wondered how they work under the hood?
As kids, we were already hackers manipulating bits in memory! 🔍👾
Read more in my latest blog post:
https://t.co/LZXKNAxQya
I wrote a blogpost and a tool on how to abuse Vectored Exception Handling (VEH) along with indirect syscalls to produce legitimate call stack without manually constructing them.
Blog Link: https://t.co/zLCtetcPaY
Tool Link: https://t.co/AHdJgZB99O
I haven't posted anything about Havoc in a while so imma share something I have been working on. Wrote a custom VM/Interpreter (based on the RISC-V instruction set) to execute exploits and other arbitrary code.
The client is now fully extendable and scriptable via the Python API
The Mythic 3.3 Beta just dropped! All sorts of new features including a new Eventing System, more container types, more developer features, better sleep tracking features, and even SSO possibilities! https://t.co/cOde9DCoGT Check it out!
Super stoked to be joined by @its_a_feature_ live on stream July 14th at 5 PM UTC. It will be a technical Mythic deep-dive session to showcase the development workflow for creating and testing Mythic agents, tips and tricks for troubleshooting, and much more!🔥🔥 https://t.co/XT4tO4Ymuy
If your #phishing emails are getting blocked, the culprit may be the links. 🔗
In the latest installment of his blog series Phishing School, @FKasler demonstrates how you can bypass link filters. ⤵️ https://t.co/0wrIgZI0oS
@C5pider@Ze_Asimovitch Yeah we learned a lot with your source code. Our agent that we use and wrote in our company has a lot of features which are inspired by your implementation (DotNet Assembly, SMB pivot, etc.)
The best way to learn MalDev is to read source code and yours is awesome :)