Manu Kiesel

@rtfmkiesel.bsky.social

something something πŸ₯yber

88 Followers  |  65 Following  |  45 Posts  |  Joined: 06.12.2023  |  1.5435

Latest posts by rtfmkiesel.bsky.social on Bluesky

Compromised Donor Emails: A post-mortem – Pi-hole

well, there goes the empty HIBP dashboard...

pi-hole.net/blog/2025/07...

the vendor's response is fcking mental

github.com/impress-org/...

31.07.2025 23:21 — 👍 0    🔁 0    💬 0    📌 0

BloodHound v8.0 is here! 🎉

This update introduces BloodHound OpenGraph, revolutionizing Identity Attack Path Management by exposing attack paths throughout your entire tech stack, not just AD/Entra ID.

Read more from Justin Kohler: ghst.ly/bloodhoundv8

🧵: 1/7

29.07.2025 13:13 — 👍 13    🔁 10    💬 1    📌 1
VirusTotal

I'm not a (Android-) malware analyst. Maybe someone you know wants to take a closer look at this. Download via og site or
www.virustotal.com/gui/file/6fe...

7/7

28.07.2025 19:06 — 👍 0    🔁 0    💬 0    📌 0
Static cryptography in a malware version of "Bitchat"

And unhackable cryptography 6/X

28.07.2025 19:06 — 👍 0    🔁 0    💬 1    📌 0
References to RayV2 in a malware version of "Bitchat"

Also proxies 5/X

28.07.2025 19:06 — 👍 0    🔁 0    💬 1    📌 0
References to cryptocurrency stuff in a malware version of "Bitchat"

It has references to a lot of cryptocurrency stuff 4/X

28.07.2025 19:06 — 👍 0    🔁 0    💬 1    📌 0
Permissions requested by a malware version of "Bitchat"

It wants a few permissions 3/X

28.07.2025 19:06 — 👍 0    🔁 0    💬 1    📌 0
Download URL for a malware version of "Bitchat"

The fake one distributes a ~500MB APK via myhuaweicloud while linking to the og source code. 2/X

28.07.2025 19:06 — 👍 0    🔁 0    💬 1    📌 0
bitchat

🚨 To everyone wanting to try out the new p2p chat app Bitchat: Be aware, there is already at least one fake website: bitchats(dot)app! 🚨

The legit one, based on the GitHub account, is bitchat.free.

1/X

28.07.2025 19:06 — 👍 0    🔁 0    💬 1    📌 0
Generate a "roadrecon auth" command by extracting tokens from portal.azure.com - roadrecon_azure_portal.js

gist.github.com/rtfmkiesel/1...

22.07.2025 14:12 — 👍 0    🔁 0    💬 0    📌 0
matelab.ch - The Swiss Mate Index Compare mate-based beverages

🇨🇭 🧉 With Landi's Farmer Mate, we're now at 54 mate-based beverages! It also takes the spot for cheapest 1 mg of caffeine per beverage, as it is just 1 Rp cheaper than Migros Lamate.

Also, the site had a small re-design. 👾

matelab.ch

22.07.2025 07:48 — 👍 0    🔁 0    💬 0    📌 0

wtf is going on with @github.com... I need to login to view a (public) repo?

16.07.2025 05:08 — 👍 0    🔁 0    💬 0    📌 0
matelab.ch The Swiss Mate Index

🇨🇭 🧉 With Migros Lamate, we're now at 52 mate-based beverages! It also claimed the spot for cheapest 1 mg of caffeine per beverage.

matelab.ch

05.07.2025 20:29 — 👍 1    🔁 0    💬 0    📌 0

BloodHound Queries For All
queries.specterops.io

18.06.2025 08:19 — 👍 0    🔁 0    💬 0    📌 0

Thanks for the feedback. Yea it was because I was not logged in, I was not able to see the tweets.

10.06.2025 10:43 — 👍 1    🔁 0    💬 0    📌 0
BSides Zurich on X: "🔥 Save the Date: #BSidesZH Summer BBQ! 🔥 Join us on 28 August 2025 for a relaxed evening of great food, drinks, and conversation at the #BSidesZH #BBQ — the perfect chance to connect with fellow #infosec enthusiasts in a cozy, informal setting. /Cc @SecurityBSides https://t.co/JFyrmmTme0" / X

A wow...

If you are not logged in, the profile page won't show posts. But a direct link still works.

x.com/BSidesZurich...

10.06.2025 09:50 — 👍 1    🔁 0    💬 0    📌 0

Did they?

10.06.2025 09:46 — 👍 1    🔁 0    💬 2    📌 0

I'm not affiliated with BSides Zurich btw. Their social media situation seems a bit fcked as X and Mastodon both seem dead.

Does somebody know someone there?
@defconch.bsky.social or maybe @candid.bsky.social ?

Also, the date is wrong on the page :P

10.06.2025 09:34 — 👍 2    🔁 0    💬 2    📌 0
BSides Zurich BBQ on 28th August 2025

bsideszh.ch

10.06.2025 09:34 — 👍 1    🔁 0    💬 1    📌 0
A German tech news site with about a 70/30 ratio of ads to content

Seriously, wtf happened to the web? How do people live without ad block?

10.06.2025 07:22 — 👍 0    🔁 0    💬 0    📌 0
A very insecure sudoers file

task failed successfully

21.05.2025 17:36 — 👍 0    🔁 0    💬 0    📌 0
UUIDs Don't Replace Authorization | Manu Kiesel An IMHO on why blindly trusting UUIDs is bad

Better late than never, here is my take on the somewhat recent internet beef around UUIDs

mkiesel.ch/posts/uuids-...

12.05.2025 18:53 — 👍 1    🔁 0    💬 0    📌 0

If your website's main function is searching something, the cursor should be inside the search field by default. ffs...

30.04.2025 12:51 — 👍 1    🔁 0    💬 0    📌 0
pocs/Cordaware at main · cyllective/pocs A repository containing various PoC payloads. Contribute to cyllective/pocs development by creating an account on GitHub.

Some of the PoCs now online

github.com/cyllective/p...

28.04.2025 15:45 — 👍 0    🔁 0    💬 0    📌 0

3 milliseconds to admin — Our analyst John Ostrowski turned a DLL hijacking into a reliable local privilege escalation on Windows 11. He chained opportunistic locks, and API hooking to win the race to CVE-2025-24076 & CVE-2025-24994. Read his blog post: blog.compass-security.com/2025/04/3-mi...

15.04.2025 09:00 — 👍 21    🔁 5    💬 0    📌 0

youtube[.]com/feeds/videos.xml?channel_id=UCy0tKL1T7wFoYcxCe0xjN6Q

The channel ID/URL can be found by searching for "application/rss+xml" or "channel_id" in the HTML source while viewing someone's channel page. (The forbidden F12 button)

2/2

31.03.2025 18:46 — 👍 0    🔁 0    💬 0    📌 0
Algorithms are breaking how we think
YouTube video by Technology Connections

I highly recommend @techconnectify.bsky.social "Algorithms are breaking how we think"

www.youtube.com/watch?v=QEJp...

Since I get all my "news" via RSS feeds, I can add one more way of getting YouTube content:

You can subscribe to YouTube channels by RSS!

1/2

31.03.2025 18:46 — 👍 2    🔁 0    💬 1    📌 0
Persistence with VSCode plugin backdoors How to achieve persistence by backdooring installed VSCode plugins

g00d read 👾 Shameless self plug ... it also does not validate the checksum of installed extensions

mkiesel.ch/posts/vscode...

01.03.2025 20:57 — 👍 3    🔁 0    💬 1    📌 0
Screenshot showing the execution of the proof-of-concept named PowerChell in comparison to a typical PowerShell prompt. In particular, it shows that PowerChell is able to bypass the Constrained Language Mode (CLM).

In this blog post, I explain how I was able to create a PowerShell console in C/C++, and disable all its security features (AMSI, logging, transcription, execution policy, CLM) in doing so. 💪

👉 blog.scrt.ch/2025/02/18/r...

19.02.2025 09:13 — 👍 43    🔁 20    💬 2    📌 2

I did a thing again...

Also, 🔥 take: Missing "HttpOnly" is not directly a vulnerability/eligible for a CVE...

18.02.2025 10:04 — 👍 3    🔁 0    💬 1    📌 0
