Ahmed

@mawg0ud.bsky.social

A Researcher by Day • Coffee Connoisseur by Passion • An Insatiable Explorer of the Written Word.

143 Followers  |  353 Following  |  74 Posts  |  Joined: 15.11.2024  |  1.8119

Latest posts by mawg0ud.bsky.social on Bluesky

The 2016 Mirai botnet attack was a wake-up call:

IoT security is nonexistent at scale.

Default creds & unpatched firmware turned cameras into DDoS cannons.

Lessons?

Harden IoT or expect more botnet chaos.

#CyberSecurity #History #DDoS #IoT #Infosec #Mirai

17.03.2025 08:44 — 👍 0    🔁 0    💬 0    📌 0

Book Recommendation:

Mastering post-exploitation?

'The Hacker Playbook 3' 👌

by Peter Kim is a must-read, as it covers:

a. Actual Attack Chains,
b. Evasion Techniques,
c. Red Team Strategies.

Practical over theory.

Link: digtvbg.com/files/books-...

#RedTeam #OffSec #infosec

15.03.2025 09:33 — 👍 0    🔁 0    💬 0    📌 0

Inline hooking too noisy?

Use hardware breakpoints via 'SetThreadContext' to hijack execution flow without modifying code.

Silent, reversible & hard to detect.

#RedTeam #Malware #infosec #cybersecurity #bugbounty

15.03.2025 09:29 — 👍 1    🔁 0    💬 0    📌 0
Link preview: Build the Ultimate On-the-Go Penetration Testing Machine with Kali Linux & Raspberry Pi

Turn your Raspberry Pi into a 𝐩𝐨𝐜𝐤𝐞𝐭-𝐬𝐢𝐳𝐞𝐝 𝐩𝐞𝐧𝐭𝐞𝐬𝐭𝐢𝐧𝐠 𝐩𝐨𝐰𝐞𝐫𝐡𝐨𝐮𝐬𝐞 with Kali.

⚡Stealthy, portable & packed with offensive tools, as real security pros test anytime, anywhere.

🔍 Topic: medium.com/@mawgoud/bui...

#KaliLinux #CyberSecurity #Infosec

09.03.2025 05:23 — 👍 1    🔁 2    💬 0    📌 0
Link preview: Say goodbye to Skype. The 22-year-old video calling tool will reportedly retire in May 2025.

Goodbye Skype

Once the king of VoIP, now just a ghost in the digital graveyard. ☠️

From P2P-powered resilience to Microsoft's EDR-infested bloat, it never stood a chance.

Source: mybroadband.co.za/news/interne...

#Skype #Tech #VoIP #EDR #Teams #Zoom

09.03.2025 04:19 — 👍 3    🔁 1    💬 0    📌 0
Link preview: VMware Warns Customers to Patch Actively Exploited Zero-Day Flaws. Cloud software firm VMware has issued a critical security advisory, detailing three zero-day vulnerabilities being actively exploited in the wild.

Three VMware zero-days exploited in the wild.
CVE-2025-22224,
CVE-2025-22225,
CVE-2025-22226.

Attackers with admin access can chain these to escape VM sandboxes & control the hypervisor.

#VMware #ZeroDay #CyberSecurity #Infosec #Cybersecurity

Source: www.infosecurity-magazine.com/news/vmware-...

06.03.2025 07:01 — 👍 1    🔁 0    💬 0    📌 0

EDRs love API hooking?

PatchGuard doesn’t.

Instead of unhooking,

do this ... redirect execution using Heaven’s Gate (switching to 64-bit from 32-bit in WoW64) / indirect syscalls.

Stay ahead, stay silent. 🕵️‍♂️

#RedTeam #Malware #infosec #cybersecurity #bugbounty #EDR #WoW64

04.03.2025 06:17 — 👍 1    🔁 0    💬 0    📌 0

Process injection via Atom Tables is an underrated stealth tactic.

Store shellcode in an atom, retrieve it in a remote process, and execute via callback.

Avoids common memory scanning detections.

#RedTeam #EDREvasion #Infosec #CyberSecurity

04.03.2025 04:52 — 👍 0    🔁 0    💬 0    📌 0
🔧Transform your Raspberry Pi into a portable pentesting powerhouse with a 3.5-inch touchscreen & Kali Linux!

--Ideal for on-the-go cybersecurity assessments.

🔍Details: mobile-hacker.com/2025/02/26/b...

#Pentesting #Infosec #KaliLinux #RaspberryPi #cybersecurity

01.03.2025 08:09 — 👍 8    🔁 1    💬 0    📌 0

🔍Leaked code reveals a token refresh script used in adversary-in-the-middle (AITM) attacks.

If you're not monitoring OAuth token activity, you're flying blind.

Stay vigilant.

#CyberSecurity #AITM #OAuth #infosec #MiTM

github.com/zolderio/AIT...

22.02.2025 08:21 — 👍 0    🔁 0    💬 0    📌 0
⤼ Early Grok-3 ('chocolate') leads the 'Chatbot Arena ELO rankings' edging out top-tier models

Are novel training paradigms (e.g., retrieval-augmented generation, improved instruction tuning) playing a larger role?

Feb, 2025

#AI #MachineLearning #LLMs #NLP #DeepLearning #Grok

21.02.2025 06:15 — 👍 1    🔁 0    💬 0    📌 0

🔍If you’re analyzing malware, forget static AV scanners.

Use 𝐅𝐥𝐚𝐫𝐞𝐕𝐌, 𝐂𝐀𝐏𝐀 & 𝐱𝟔𝟒𝐝𝐛𝐠 for real insights.

Pair with 𝚜𝚢𝚜𝚖𝚘𝚗 + 𝚂𝚒𝚐𝚖𝚊 𝚛𝚞𝚕𝚎𝚜 for tracking execution flow as a pro.

𝐀𝐮𝐭𝐨𝐦𝐚𝐭𝐢𝐨𝐧 > 𝐆𝐮𝐞𝐬𝐬𝐰𝐨𝐫𝐤.

#Malware #infosec #Bug #CVE

21.02.2025 05:33 — 👍 2    🔁 0    💬 0    📌 0

🔒Bonus: Zerologon (CVE-2020-1472):

This vulnerability lets attackers control Domain Controllers by resetting the krbtgt password.

Patch your systems to avoid this!

#infosec #Bug #Zerologon

18.02.2025 14:32 — 👍 0    🔁 0    💬 0    📌 0

10/10 Active Directory Misconfigurations:

Weak policies, overprivileged accounts, no MFA - all these can be exploited. Regular audits & patches are your best defense!

#AD #MFA #infosec #bug #cybersecurity

18.02.2025 14:32 — 👍 0    🔁 0    💬 1    📌 0

9/10 LSASS Dumping:

Using tools like Mimikatz, attackers can dump LSASS memory to steal passwords & tickets.

It's all about memory access.

#LSASS #CredentialDumping #Mimikatz

18.02.2025 14:32 — 👍 0    🔁 0    💬 1    📌 0

8/10 MITM via LLMNR, NBT-NS, WPAD Poisoning:

By poisoning name resolution protocols, attackers can capture credentials sent over the network.

Stealthy but detectable.

#MITM #ComputerNetworks #infosec #cyberattack #privacy

18.02.2025 14:32 — 👍 0    🔁 0    💬 1    📌 0

7/10 NTLM Relay Attack:

Here, attackers intercept NTLM authentication requests, relaying them to gain access elsewhere.

It's all about misdirecting credentials.

#NTLMRelay #NetworkSecurity #ActiveDirectory #infosec

18.02.2025 14:32 — 👍 0    🔁 0    💬 1    📌 0

6/10 Golden Ticket Attack:

With the krbtgt hash, attackers create fake tickets to impersonate any user.

This grants them unlimited access to domain resources!

#GoldenTicket #Kerberos #Hash #CyberSecurity

18.02.2025 14:32 — 👍 0    🔁 0    💬 1    📌 0

5/10 DCSync Attack:

By impersonating a Domain Controller, attackers can extract credentials from any DC.

This can lead to Golden Ticket attacks.

#DCSync #Persistence #DomainController

18.02.2025 14:32 — 👍 0    🔁 0    💬 1    📌 0

4/10 AS-REP Roasting:

Focuses on accounts without required pre-authentication, allowing attackers to crack passwords from AS-REP tickets.

#ASREP #SecurityTips #Authentication #Passwords

18.02.2025 14:32 — 👍 0    🔁 0    💬 1    📌 0

3/10 Kerberoasting:

Targets service accounts by cracking Kerberos tickets.

If service accounts have weak passwords, it's a goldmine for attackers.

#Kerberos #ADSecurity #Kerberoasting #password

18.02.2025 14:32 — 👍 0    🔁 0    💬 1    📌 0
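Added example, not part of the thread: the defender-side check for the Kerberoasting post above, run over constructed Windows Security event 4769 records. The record keys mirror the 4769 fields (Account Name, Service Name, Ticket Encryption Type, Failure Code) but the dict layout and all values are this example's own assumption.

```python
"""Flag likely Kerberoasting in event 4769 records (constructed sample data).
Heuristic: RC4-HMAC (0x17) service tickets for user-style service accounts
(not machine accounts ending in '$', not krbtgt), and a burst of distinct
services requested by one account."""
from collections import defaultdict

# Constructed sample 4769 events; field names follow the event, values are made up.
SAMPLE_4769 = [
    {"AccountName": "alice@CORP.LOCAL", "ServiceName": "DC01$", "TicketEncryptionType": "0x12", "FailureCode": "0x0"},
    {"AccountName": "bob@CORP.LOCAL", "ServiceName": "svc_sql", "TicketEncryptionType": "0x17", "FailureCode": "0x0"},
    {"AccountName": "bob@CORP.LOCAL", "ServiceName": "svc_backup", "TicketEncryptionType": "0x17", "FailureCode": "0x0"},
    {"AccountName": "bob@CORP.LOCAL", "ServiceName": "svc_web", "TicketEncryptionType": "0x17", "FailureCode": "0x0"},
    {"AccountName": "bob@CORP.LOCAL", "ServiceName": "krbtgt", "TicketEncryptionType": "0x17", "FailureCode": "0x0"},
    {"AccountName": "carol@CORP.LOCAL", "ServiceName": "svc_print", "TicketEncryptionType": "0x12", "FailureCode": "0x0"},
]

RC4_HMAC = 0x17  # weakest ticket encryption type; AES tickets are 0x11/0x12


def is_roastable_request(ev):
    """True when a successful RC4 service ticket was issued for a user-style SPN."""
    spn = ev["ServiceName"]
    return (int(ev["TicketEncryptionType"], 16) == RC4_HMAC
            and ev["FailureCode"] == "0x0"
            and not spn.endswith("$")          # machine accounts use AES by default
            and spn.lower() != "krbtgt")       # TGT renewals are not roastable here


def find_kerberoast_candidates(events, min_services=3):
    """Return {account: sorted service names} for accounts that pulled RC4
    tickets for at least min_services distinct service accounts."""
    per_account = defaultdict(set)
    for ev in events:
        if is_roastable_request(ev):
            per_account[ev["AccountName"]].add(ev["ServiceName"])
    return {acct: sorted(spns) for acct, spns in per_account.items()
            if len(spns) >= min_services}


if __name__ == "__main__":
    print(find_kerberoast_candidates(SAMPLE_4769))
```

Tuning min_services and the time window to the environment is what keeps this from firing on legacy applications that still legitimately request RC4 tickets.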

2/10 Pass-the-Hash (PtH) Attack:

Hackers grab #NTLM hashes without cracking passwords, then use them to move around the network.

Tools like #Mimikatz are popular for this.

#PtH #CyberAttack #infosec #exploitation

18.02.2025 14:32 — 👍 0    🔁 0    💬 1    📌 0
Morning / Evening all ☕️

Let's talk about Active Directory (AD) security.

Attackers 'love' targeting AD for domain admin privileges.

Here's a thread on the top techniques they use!

Image Credit: (cyber.gov.au, 2024)

A Thread 1/10🧵

#CyberSecurity #infosec #CVE

18.02.2025 14:32 — 👍 0    🔁 0    💬 1    📌 0

You will enjoy reading this ☕

🔬What IF: Scientists Choose Rust Over Python for AI Development.

📖 Read the full story ..

🔗https://mawgoud.medium.com/earth-72-scientists-adapted-rust-instead-of-python-for-artificial-intelligence-development-84b705459613

#AI #Rust #Python #Tech #Multiverse #ML

15.02.2025 12:49 — 👍 1    🔁 0    💬 0    📌 0
🚨 DeepSeek's iOS app is sending sensitive user data to a ByteDance (TikTok)-affiliated cloud platform without encryption.

👉 Full Report: thehackernews.com/2025/02/deep...

#Cybersecurity #Privacy #Bug #Encryption #Tech #News #Security #TikTok #DeepSeek #OpenAI

15.02.2025 05:36 — 👍 1    🔁 0    💬 0    📌 0
Ups and downs of #redteam engagements. When the standard payloads don’t cut it, innovation wins. Learn how we misused a screenshot tool to load shellcode… at the fifth attempt!…
blog.compass-security.com/2024/12/a-ni...

17.12.2024 09:12 — 👍 8    🔁 6    💬 0    📌 0

Red Teamers: do NOT neglect SNMP like sysadmins usually do! SO many networks have granted me very quick wins through SNMP enumeration, which can be done with Metasploit, snmpwalk, and onesixtyone:

Enum Windows accounts (spray?):
snmpwalk -c public -v1 $TARGET 1.3.6.1.4.1.77.1.2.25
#hacking #redteam

24.01.2025 17:33 — 👍 17    🔁 4    💬 0    📌 0

Dumping LSASS?

Ditch 'MiniDumpWriteDump'—too noisy.

Use NtReadVirtualMemory via direct syscalls
or
use (COM+ LRPC abuse) for stealthier creds extraction.

EDRs hate this one trick. 😉

#RedTeam #Malware #EDR #IncidentHandling #infosec #DFIR

13.02.2025 06:16 — 👍 1    🔁 0    💬 0    📌 0

Bypass 'FindWindow' anti-debug checks by hooking 'NtUserFindWindowEx' & returning a fake handle.

🕵️‍♂️ Malware loves to check for debuggers this way ... feed it garbage & watch it fail.

#ReverseEngineering #Malware #infosec #bug #exploitation #pentesting

13.02.2025 06:16 — 👍 0    🔁 0    💬 0    📌 0

🔍 Think your browser extensions are harmless?

A rogue extension with 'activeTab' or 'all_urls' permissions can:
- steal cookies,
- inject scripts,
- or track everything you do.

Audit them.

Less is more.

#Privacy #CyberSecurity #infosec #browser #chrome #firefox #opera

13.02.2025 06:15 — 👍 1    🔁 0    💬 0    📌 0
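Added example, not from the post: a small manifest audit that does the "audit them" step for the browser-extension post above. It reads an extension's manifest.json and reports the broad host patterns and risky API permissions the post warns about; the two manifests and the impact wording are constructed for this example.

```python
"""Audit browser-extension manifests for over-broad permissions (constructed data)."""
import json

# Host patterns that grant access to every site the user visits.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# API permissions and what a rogue extension could do with them (example wording).
RISKY_API = {
    "cookies": "read/modify cookies for permitted hosts",
    "webRequest": "observe or intercept page traffic",
    "scripting": "inject scripts into permitted hosts",
    "activeTab": "inject scripts into the current tab on click",
    "history": "read browsing history",
}


def audit_manifest(manifest_json):
    """Return a sorted list of findings for one manifest.json string.
    Handles Manifest V2 (host patterns mixed into "permissions") and
    Manifest V3 ("host_permissions" kept in its own key)."""
    m = json.loads(manifest_json)
    perms = set(m.get("permissions", []))
    hosts = set(m.get("host_permissions", []))
    hosts |= {p for p in perms if p == "<all_urls>" or "://" in p}  # MV2 style
    findings = []
    if hosts & BROAD_HOSTS:
        findings.append("broad host access: " + ", ".join(sorted(hosts & BROAD_HOSTS)))
    elif hosts:
        findings.append("host access: " + ", ".join(sorted(hosts)))
    for api, impact in RISKY_API.items():
        if api in perms:
            findings.append(f"{api}: {impact}")
    return sorted(findings)


# Constructed manifests: a minimal note-taking extension vs. a rogue "coupon helper".
BENIGN = json.dumps({"manifest_version": 3, "name": "notes",
                     "permissions": ["storage"]})
ROGUE = json.dumps({"manifest_version": 3, "name": "coupon helper",
                    "permissions": ["cookies", "scripting", "webRequest"],
                    "host_permissions": ["<all_urls>"]})

if __name__ == "__main__":
    for name, text in (("notes", BENIGN), ("coupon helper", ROGUE)):
        print(name, "->", audit_manifest(text) or ["nothing risky"])
```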