Binary code-coverage fuzzer for macOS, based on libFuzzer and LLVM - ant4g0nist/ManuFuzzer

1day practice - Escape macOS sandbox (partial) using RemoteViewServices - wh1te4ever/CVE-2025-31258-PoC

The Threat Actor in focus is Mustang Panda a.k.a. Stately Taurus, a well-documented Chinese APT group known for cyber-espionage campaigns targeting governments, NGOs, and political entities across Southeast Asia. This lab emulates a targeted intrusion aligned…

This blog post explains the basics of Ancillary Function Driver API and how it can help explore networking activity on Windows systems.

CVE-2025-32421

prod. by hnrk - http://www.soundcloud.com/hnrk93

www.TeamSESH.com

Download PAIDPROGRAMMING - http://tinyurl.com/maj89xx

In this stream we reverse engineered a malware loader with IDA Pro, including its anti-analysis, persistence, COM UAC Bypass, command-line spoofing, C2, process injection, and TCP proxy functionality.

Learn how to reverse engineer malware: https://train…

In-depth research into Windows Kernel Streaming vulnerabilities, revealing MDL misuse, buffer misalignment, and exploitation techniques used in CVE-2024-38238 and others.

IDA Python Script to Get All function names from Event Constructor (VCL) - Coldzer0/IDA-For-Delphi

Good morning! As we saw in last week’s blog post, the use of NtQuerySystemInformation() to bypass kASLR and the changes introduced in version 24H2 have effectively taken away that convenient method we used to rely on to simplify things.

In this post I’ll show you how I found a zeroday vulnerability in the Linux kernel using OpenAI’s o3 model. I found the vulnerability with nothing more complicated than the o3 API &#821…

Alisa Esage is a professional hacker and solo owner of Zero Day Engineering Research & Training. https://zerodayengineering.com

Alisa taught herself CPU assembly and binary reverse engineering at the age of 15, got hyped by the government of the United States…

In this in-depth Sliver C2 tutorial, you’ll dive into one of the most powerful and modern Command and Control frameworks used by red teamers and ethical hackers today.

Sliver offers cross-platform implants, encrypted communication, and a rich feature set…

TCC bypass on macOS isn't just an annoying prompt—it's the last line of defense between malware and your private data. Learn why.

Let's talk about Command and Control (C2) infrastructure. It's the backbone of any red team operation, letting you talk to your implants in target environmen...