
WarthogTK

@warthogtk.bsky.social

Pentester | Ex MD (Intensivist & Healthcare Simulation) | (Black) Arch Enthusiast | Infosec - AD - Windows Internals/Maldev enthusiast | Geopolitics, Defense, Disinformation, Hybrid warfare | DCS, Gaming, Metal (OU=FR,DC=WORLD,DC=UNIVERSE)

464 Followers  |  1,698 Following  |  641 Posts  |  Joined: 14.08.2023  |  1.5554

Latest posts by warthogtk.bsky.social on Bluesky

Vulnerabilities in LUKS2 disk encryption for confidential VMs
blog.trailofbits.com/2025/10/30/v...

30.10.2025 21:49 — 👍 0    🔁 0    💬 0    📌 0
Key IOCs for Pegasus and Predator Spyware Cleaned With iOS 26 Update iOS 26 changes how shutdown logs are handled, erasing key evidence of Pegasus and Predator spyware, creating new challenges for forensic investigators

Key IOCs for Pegasus and Predator Spyware Cleaned With iOS 26 Update iverify.io/blog/key-ioc...

29.10.2025 07:17 — 👍 0    🔁 0    💬 0    📌 0
Hack-cessibility: When DLL Hijacks Meet Windows Helpers Our custom solutions are tailored to address the unique challenges of different roles in security.

Hack-cessibility: When DLL Hijacks Meet Windows Helpers
trustedsec.com/blog/hack-ce...

29.10.2025 07:15 — 👍 0    🔁 0    💬 0    📌 0
Look At This Photograph - Passively Downloading Malware Payloads Via Image Caching Detailing an improved Cache Smuggling technique to turn 3rd party software into passive malware downloader.

Look At This Photograph - Passively Downloading Malware Payloads Via Image Caching
malwaretech.com/2025/10/exif...

28.10.2025 23:59 — 👍 0    🔁 0    💬 0    📌 0
Prompt injection to RCE in AI agents We bypassed human approval protections for system command execution in AI agents, achieving RCE in three agent platforms.

Prompt injection to RCE in AI agents

blog.trailofbits.com/2025/10/22/p...

26.10.2025 22:21 — 👍 1    🔁 0    💬 0    📌 0

100 % agree
This 👇👇👇

26.10.2025 18:18 — 👍 0    🔁 0    💬 0    📌 0
Weaponizing Apple AI for Offensive Operations - Part I This blog series introduces MLArc, a standalone command-and-control framework that operates entirely through Apple’s AI stack. Unlike conventional C2 systems that rely on JSON over HTTP, script…

Weaponizing Apple AI for Offensive Operations

Part I
hxr1.ghost.io/weaponizing-...

Part II
hxr1.ghost.io/weaponizing-...

25.10.2025 21:01 — 👍 3    🔁 0    💬 0    📌 1
GitHub - tijme/dittobytes: Metamorphic cross-compilation of C++ & C-code to PIC, BOF & EXE.

GitHub - tijme/dittobytes: Metamorphic cross-compilation of C++ & C-code to PIC, BOF & EXE. github.com/tijme/dittob...

25.10.2025 08:45 — 👍 0    🔁 0    💬 0    📌 0
Reflected XSS: Advanced Exploitation Guide Learn how to identify and hunt for reflected cross-site scripting (XSS) vulnerabilities using a unique testing methodology. Read the article now!

Hunting for reflected XSS vulnerabilities: A complete guide

www.intigriti.com/researchers/...

25.10.2025 07:58 — 👍 2    🔁 1    💬 0    📌 1
Guide to relaying NTLM over HTTP - the GLPI example | Mobeta Learn how to relay NTLM over HTTP via GLPI in an internal pentest. Technical guide with ntlmrelayx, Impacket and security recommendations.

Guide to relaying NTLM over HTTP – the GLPI example

mobeta.fr/guide-pour-r...

25.10.2025 07:55 — 👍 0    🔁 0    💬 0    📌 0

We learn this evening that D. #Trump's construction work at the #MaisonBlanche has also destroyed the adjacent Jackie Kennedy garden. But #Trump has the law on his side: the president is exempt from the prior review of construction plans by the NCPC, an ad hoc commission... 1/
bbc.com/news/article...

24.10.2025 18:40 — 👍 41    🔁 19    💬 2    📌 2
A deep dive into modern Windows Structured Exception Handler (SEH) ⚠️ Understanding how SEH works in x64

A deep dive into modern Windows Structured Exception Handler (SEH)

blog.elmo.sg/posts/struct...

24.10.2025 19:20 — 👍 0    🔁 0    💬 0    📌 0
The Ultimate Guide to Windows Coercion Techniques in 2025 Windows authentication coercion often feels like a magic bullet against the average Active Directory. With any old low-privileged account, it usually allows us to gain full administrative access to…

The Ultimate Guide to Windows Coercion Techniques in 2025 blog.redteam-pentesting.de/2025/windows...

24.10.2025 19:16 — 👍 1    🔁 0    💬 0    📌 0
Windows API Arsenal - FAUT.L Reverse Engineering Reference This API database has more payloads than my C2 server! 🐛

Windows API Arsenal - FAUT.L Reverse Engineering Reference blog.fautl.com/api-list.html

24.10.2025 19:03 — 👍 0    🔁 0    💬 0    📌 0
castilho blog Servers, like humans, have limits on how much data they can handle at once. Maybe you're familiar with the 414 and 431 status codes:

Scream at It Until It Escalates — XSS to ATO via Server Size Errors Gadgets

castilho.sh/scream-until...

24.10.2025 18:57 — 👍 0    🔁 0    💬 0    📌 0
(2025-10-21) Managing The DSRM Administrator Account Password (Revisited) The options available to manage the DSRM Administrator Account password on both RWDCs and RODCs. Which options exist and how to use those are explained

(2025-10-21) Managing The DSRM Administrator Account Password (Revisited) jorgequestforknowledge.wordpress.com/2025/10/21/m...

23.10.2025 21:56 — 👍 1    🔁 0    💬 0    📌 0
[LONG INT*] Laluka hacks the planet (Cybersec, pentest, and free flight)
Hey! This is the sixth episode of Long Int* with tixlegeek, a podcast where we take an interest in the humans behind the nerds and the hackers! Today Laluka tells us about himself! He is very active in the…

[LONG INT*] Laluka hacks the planet (Cybersec, pentest, and free flight) youtube.com/watch?v=kBAi...

23.10.2025 20:54 — 👍 0    🔁 0    💬 0    📌 0
Bannon: Donald Trump will have a third term (YouTube video by The Economist)

Politically, without doubt one of the most striking statements of 2025
Steve #Bannon, leader of the US national-populists, asserts that D. #Trump will remain president after 2028. And that they will find a way to get around the 22nd Amendment of the Constitution 1/
RT+
www.youtube.com/shorts/8AVTx...

23.10.2025 19:34 — 👍 58    🔁 71    💬 5    📌 2
The minefield between syntaxes: exploit syntax confusion in the wild Learn syntax confusion techniques using filename*, file://host:port, and PHP parse_url to bypass filters, poison caches and escalate SSRF.

The minefield between syntaxes: exploit syntax confusion in the wild www.yeswehack.com/learn-bug-bo...

23.10.2025 18:39 — 👍 0    🔁 0    💬 0    📌 0
Why nested deserialization is STILL harmful – Magento RCE (CVE-2025-54236) › Searchlight Cyber Magento is still one of the most popular e-commerce solutions in use on the internet, estimated to be running on more than 130,000 websites. It is also offered as an enterprise offering by Adobe…

Why nested deserialization is STILL harmful – Magento RCE (CVE-2025-54236) › Searchlight Cyber slcyber.io/assetnote-se...

22.10.2025 07:34 — 👍 0    🔁 0    💬 0    📌 0
The (Near) Return of the King: Account Takeover Using the BadSuccessor Technique - SpecterOps After Microsoft patched Yuval Gordon’s BadSuccessor privilege escalation technique, BadSuccessor returned with another blog from Yuval, briefly mentioning to the community that attackers can still…

The (Near) Return of the King: Account Takeover Using the BadSuccessor Technique - SpecterOps specterops.io/blog/2025/10...

20.10.2025 18:54 — 👍 0    🔁 0    💬 0    📌 0
Cloudflare Image Proxy CSPT Exploit Explained Explore Cloudflare's Image Proxy as a CSPT exploit tool, enabling impactful cross-origin path traversal attacks through redirect techniques

Cloudflare Image Proxy CSPT Exploit Explained blog.voorivex.team/cloudflare-i...

19.10.2025 18:07 — 👍 0    🔁 0    💬 0    📌 0
Signal unveils a post-quantum encryption protocol designed to guarantee forward secrecy of exchanges and post-compromise security, without affecting the application's performance. Signal anticipates the quantum threat and strengthens its security with a new post-quantum encryption protocol. The app launches Sparse Post-Quantum Ratchet (SPQR), an advanced mechanism that…

Signal unveils a post-quantum encryption protocol designed to guarantee forward secrecy of exchanges and post-compromise security, without affecting the application's performance securite.developpez.com/actu/376845/...

19.10.2025 15:23 — 👍 0    🔁 0    💬 0    📌 0
At Prisma Media, employees fear being swallowed up by Bolloré in their turn. After four years spent escaping the Breton billionaire's steamroller, it is now the turn of the Prisma group's newsrooms to serve as a media stepping stone for the far right. Several in…

At Prisma Media, employees fear being swallowed up by Bolloré in their turn www.mediapart.fr/journal/cult...

19.10.2025 15:21 — 👍 0    🔁 0    💬 0    📌 0
GitHub - MorDavid/NetworkHound: Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and comprehensive network discovery. Export results as BloodHound‑compatible OpenGraph JSON.

NetworkHound Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and comprehensive network discovery. Export results as BloodHound‑compatible OpenGraph JSON. github.com/mordavid/Net...

19.10.2025 13:18 — 👍 1    🔁 0    💬 0    📌 0
CVE-2025-59287 WSUS Remote Code Execution A technical WSUS advisory for CVE-2025-59287: unsafe deserialization in Windows Server Update Services that allows remote code execution.

CVE-2025-59287 WSUS Remote Code Execution | HawkTrace hawktrace.com/blog/CVE-202...

19.10.2025 10:45 — 👍 1    🔁 1    💬 0    📌 0
Yet Another DCOM Object for Command Execution Part 1 If you’re a penetration tester, you know that lateral movement is becoming increasingly difficult, especially in well defended environments. One technique for command execution has been the use of…

Yet Another DCOM Object for Command Execution Part 1 sud0ru.ghost.io/yet-another-...

19.10.2025 08:11 — 👍 0    🔁 0    💬 0    📌 0
Denial of Fuzzing: Rust in the Windows kernel - Check Point Research Summary Check Point Research (CPR) identified a security vulnerability in January 2025 affecting the new Rust-based kernel component of the Graphics Device Interface (commonly known as GDI) in…

Denial of Fuzzing: Rust in the Windows kernel - Check Point Research research.checkpoint.com/2025/denial-...

19.10.2025 08:08 — 👍 0    🔁 0    💬 0    📌 0
CRLF Injection Nested Response Splitting CSP Gadget If you can do CRLF injection in the response header, most likely you can also do response resplitting to achieve reflected XSS. Even if a strict CSP is in place, you could bypass it by using response…

CRLF Injection Nested Response Splitting CSP Gadget lab.ctbb.show/research/crl...

18.10.2025 18:48 — 👍 0    🔁 0    💬 0    📌 0
Leveraging Raw Disk Reads to Bypass EDR Drivers are a common part of every Windows environment, and many of them provide low-level functionality. This blog details how to connect…

Leveraging Raw Disk Reads to Bypass EDR
medium.com/workday-engi...

18.10.2025 18:36 — 👍 0    🔁 0    💬 0    📌 0