Kuba Gretzky's Avatar

Kuba Gretzky

@mrgretzky.breakdev.org

Offensive security tools developer. Malware developer, hobby music producer, bedroom DJ & ex-MMO game hacker. Creator of Evilginx / Bartender @ BREAKDEV RED.

784 Followers  |  171 Following  |  45 Posts  |  Joined: 09.10.2023  |  2.0879

Latest posts by mrgretzky.breakdev.org on Bluesky

Glad to be mentioned in such a great company! πŸ˜† @chudypb.bsky.social πŸ”₯

18.03.2025 08:03 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Evilginx Pro is finally here! After over two years of development, Evilginx Pro reverse proxy phishing framework for red teams is finally live!

🚨 Evilginx Pro is finally here! 🚨🎣🐟

This is it! After over two years of development, countless delays, and hundreds of manual company verifications, Evilginx Pro is finally live!

Thank you all for your invaluable support πŸ’—

breakdev.org/evilginx-pro...

12.03.2025 15:29 β€” πŸ‘ 11    πŸ” 6    πŸ’¬ 0    πŸ“Œ 0

Since last year, I thought Ivanti Endpoint Manager was the most insecure tool you could use.

This year, I know it’s been Elon all along.

12.03.2025 10:21 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Big news: our trainings are live!

This year, we’re offering 13 courses led by top-notch experts. Whether you're red, blue, or somewhere in between,
come sharpen your skills, break stuff, and learn from the best!

πŸ“… 1–4 Sept
πŸ“ Meervaart, Amsterdam
🎟 Tickets available now!
πŸ‘‰ weeztix.shop/qt2kzq6g

11.03.2025 09:54 β€” πŸ‘ 13    πŸ” 10    πŸ’¬ 0    πŸ“Œ 4
Preview
Terms of What? tl;dr

Excellent research by Sagi Olshansky shows how even a simple "Terms of Service" conditional access option in Entra ID can become a thorn in the side of phishing threat actors.

Evilginx phishlet development action included 🎣
medium.com/@Sniffler/te...

27.02.2025 13:45 β€” πŸ‘ 0    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
GitHub - luctalpe/WMIMon: Tool to monitor WMI activity on Windows Tool to monitor WMI activity on Windows. Contribute to luctalpe/WMIMon development by creating an account on GitHub.

I've been dealing with mysterious high CPU utilization from WmiPrvSE.exe for MONTHS. I finally did some digging using github.com/luctalpe/WMI... (run wmimon from an elevated cmd prompt). Guess what the culprit was?

05.01.2025 03:54 β€” πŸ‘ 30    πŸ” 8    πŸ’¬ 4    πŸ“Œ 0

It's video games for red teamers πŸ˜€

21.12.2024 11:24 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image Post image Post image Post image

The BREAKDEV RED software shop engine is finally finished πŸŽ‰

Out of respect to all Evilginx fans, the purchase experience will be as friendly and fair as possible:

- Floating licenses ONLY
- No minimum cap for license purchases

Evilginx Pro release date: February 2025

Merry Christmas everyone! πŸŽ„

20.12.2024 15:23 β€” πŸ‘ 4    πŸ” 2    πŸ’¬ 1    πŸ“Œ 0
Post image

New #PEsieve & #HollowsHunter
(v0.4.0) are released: github.com/hasherezade/... & github.com/hasherezade/... - A lot has changed in the new version, check it out!

14.12.2024 16:33 β€” πŸ‘ 47    πŸ” 18    πŸ’¬ 0    πŸ“Œ 0

I wrote a fun, little blog post. Remote pre-auth file deletion in SolarWinds ARM allowed to achieve LPE on AD machines πŸ™ƒ

12.12.2024 18:03 β€” πŸ‘ 9    πŸ” 6    πŸ’¬ 1    πŸ“Œ 0

Who's leading the thoughts of the thought leader?! Cas is a true power broker, influencing the influencers from the shadows πŸ˜€

02.12.2024 14:37 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Thank you! I've finally managed to get it working. The API documentation is a bit rough, and the API itself holds a lot of technical debt, but now it finally works as I wanted.

02.12.2024 09:46 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Post image

🚨 BLACK FRIDAY 50% OFF 24-HOUR SALE 🚨

Today I'm running the biggest sale, since the course release in 2023!

Get Evilginx Mastery course with lifetime access for 199 EUR ONLY today! 🀩

Upgrade your phishing skills before Evilginx Pro drops!

πŸ”—Link: academy.breakdev.org/evilginx-mas...

28.11.2024 22:22 β€” πŸ‘ 4    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0
Post image

🚨 BLACK FRIDAY 50% OFF 24-HOUR SALE 🚨

Today I'm running the biggest sale, since the course release in 2023!

Get Evilginx Mastery course with lifetime access for 199 EUR ONLY today! 🀩

Upgrade your phishing skills before Evilginx Pro drops!

πŸ”—Link: academy.breakdev.org/evilginx-mas...

28.11.2024 22:22 β€” πŸ‘ 4    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0
Post image

🚨 The Black Friday sale is coming!

The sale drops at midnight today! (UTC+1)

It will be the biggest sale yet! 🀩

28.11.2024 11:52 β€” πŸ‘ 6    πŸ” 4    πŸ’¬ 0    πŸ“Œ 0
OrangeCon

I want to do a little promotion here as well:

For the dutch people following me: last year me and 2 other folks from HITB dutch crew started orangecon.nl.

Its a nonprofit which focusses on knowledge sharing with affordable trainings followed by a very affordable conference. Do check it out please!

27.11.2024 17:53 β€” πŸ‘ 8    πŸ” 6    πŸ’¬ 1    πŸ“Œ 1

I'm currently doing super exciting research (that's a joke 😭) trying to decide which invoicing platform with API access to use.

Can anyone confirm if Zoho Books is a good platform or if there is any alternative worth considering?

I'm having the time of my life πŸ˜†

26.11.2024 12:35 β€” πŸ‘ 4    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0

Congrats man! Heads and brains always need special treatment if they're used daily to make a living πŸ˜€

26.11.2024 12:24 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Agreed. Sounds like I'm breaking the habit tonight πŸ˜‚

22.11.2024 12:42 β€” πŸ‘ 5    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

I keep catching myself referring to "Linkin Park" as "LinkedIn Park".

Is it a sign of growing old? πŸ‘΄

22.11.2024 09:03 β€” πŸ‘ 15    πŸ” 1    πŸ’¬ 3    πŸ“Œ 0
Into the Wild (2007) Trailer #1 | Movieclips Classic Trailers
YouTube video by Rotten Tomatoes Classic Trailers Into the Wild (2007) Trailer #1 | Movieclips Classic Trailers

I kind of got discouraged after watching this movie πŸ˜†
www.youtube.com/watch?v=XZG1...

21.11.2024 12:03 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Time will tell. It is perfectly ok to keep both running at the same time and use both for the time being.

21.11.2024 12:01 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Noted. I thought I was the only one struggling with trying to manage too many different things simultaneously. What I try to do is handle the organizational things at the beginning of the week and then dedicate the following days to deep focus development with no distractions, same as you.

19.11.2024 19:49 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Paged Out! #5 is out – enjoy! pagedout.institute
And if you like the cover, we have wallpapers!

19.11.2024 09:31 β€” πŸ‘ 36    πŸ” 16    πŸ’¬ 0    πŸ“Œ 2

I feel you! Do you have any options to automate payment processing & invoicing at least?

19.11.2024 16:59 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Post image Post image

Evilginx Pro Update:

Tool is ready and awaits release.

I'm now creating an online shop engine, because why not 😜

I hope one day it becomes Steam for cybersecurity tools with Evilginx Pro its first release, like Half-Life 2 on Steam exactly 20 years ago.

Red team tools unite!

19.11.2024 16:55 β€” πŸ‘ 20    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

Welcome to the greener pastures! πŸ˜€

19.11.2024 12:42 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Good to see you on the interwebz again! πŸ’—

18.11.2024 23:36 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Clipping the Canary’s wings: Bypassing AiTM Phishing Detections | Spotit insights

Defenders use cross-origin requests through CSS url() or injected JS to leak your phishing URL in the HTTP Referer header.

Today, I've been reminded about the excellent post by Keanu Nys, which contains a lot of great evasion ideas!

insights.spotit.be/2024/06/03/c...

18.11.2024 11:29 β€” πŸ‘ 14    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0
Post image

Beyond good ol’ Run key, Part 144

www.hexacorn.com/blog/2024/11...

15.11.2024 22:17 β€” πŸ‘ 23    πŸ” 10    πŸ’¬ 1    πŸ“Œ 0

@mrgretzky.breakdev.org is following 20 prominent accounts