API keys
может еще живы
может еще живы
OPENAI_API_KEY=sk-proj-q9F2mYxK8D4sLZ0a7HcE3R6NwP1U5tJb
OPENAI_ORG_ID=org-4k9D2sQeP8WZJtL0mXcA
OPENAI_PROJECT_ID=proj-8W3mP2RZk0sQJc9D4tL
ANTHROPIC_API_KEY=sk-ant-api03-2m9QF4RkZJ8W0X6L3PAsHcE
GEMINI_API_KEY=AIzaSyC3nP9R2sZ0Lk4QFJ8WmXH
AWS_ACCESS_KEY_ID=AKIA4M7Q2Z9KXW8R
AWS_SECRET_ACCESS_KEY=JrU3n8WkL4X0mPZ2s9QH7A5R
STRIPE_API_KEY=sk_test_51QH2Z9KXWmP0L4R8sJcA7nE
STRIPE_WEBHOOK_SECRET=whsec_9mZ0KX4Q2R8sW7PJLcA
GITHUB_TOKEN=ghp_9WZ0KX4Q2R8sJcA7nEmPLH
😱39👍15🔥13
Escaping the VM: From Guest Code to Host Compromise in VMware Workstation
Original text by r0keb
The article presents a technical walkthrough of developing a VMware guest-to-host escape exploit, demonstrating how vulnerabilities in virtualization software can break the isolation between a virtual machine and its host system. The research focuses on flaws affecting VMware Workstation, where bugs in virtual device handling and host-side processing logic allow a…
https://core-jmp.org/2026/04/escaping-the-vm-from-guest-code-to-host-compromise-in-vmware-workstation/
Original text by r0keb
The article presents a technical walkthrough of developing a VMware guest-to-host escape exploit, demonstrating how vulnerabilities in virtualization software can break the isolation between a virtual machine and its host system. The research focuses on flaws affecting VMware Workstation, where bugs in virtual device handling and host-side processing logic allow a…
https://core-jmp.org/2026/04/escaping-the-vm-from-guest-code-to-host-compromise-in-vmware-workstation/
🔥9😱6👍3
Signed to Kill: Reverse Engineering a 0-Day Used to Disable CrowdStrike EDR
Original text by Jehad Abudagga
The article presents a reverse-engineering analysis of a kernel driver used in a BYOVD (Bring Your Own Vulnerable Driver) attack to disable security software, including CrowdStrike Falcon EDR. The researcher discovered multiple variants of a Microsoft-signed driver that expose a dangerous IOCTL interface capable of terminating arbitrary processes. Because the…
https://core-jmp.org/2026/04/signed-to-kill-reverse-engineering-a-0-day-used-to-disable-crowdstrike-edr/
Original text by Jehad Abudagga
The article presents a reverse-engineering analysis of a kernel driver used in a BYOVD (Bring Your Own Vulnerable Driver) attack to disable security software, including CrowdStrike Falcon EDR. The researcher discovered multiple variants of a Microsoft-signed driver that expose a dangerous IOCTL interface capable of terminating arbitrary processes. Because the…
https://core-jmp.org/2026/04/signed-to-kill-reverse-engineering-a-0-day-used-to-disable-crowdstrike-edr/
👍12🔥1
COMouflage: Stealthy DLL Surrogate Injection for Process Tree Evasion
Original text by S12 – 0x12Dark Development
The article introduces COMouflage, a stealthy Windows process-injection technique that abuses the legitimate COM DLL Surrogate mechanism to execute malicious code inside trusted system processes. Instead of directly injecting into a target process, the attacker registers a fake COM object in the Windows registry under HKEY_CURRENT_USER, which does…
https://core-jmp.org/2026/04/comouflage-stealthy-dll-surrogate-injection-for-process-tree-evasion/
Original text by S12 – 0x12Dark Development
The article introduces COMouflage, a stealthy Windows process-injection technique that abuses the legitimate COM DLL Surrogate mechanism to execute malicious code inside trusted system processes. Instead of directly injecting into a target process, the attacker registers a fake COM object in the Windows registry under HKEY_CURRENT_USER, which does…
https://core-jmp.org/2026/04/comouflage-stealthy-dll-surrogate-injection-for-process-tree-evasion/
😱8🔥1
Recovery Mode Breakdown: Turning macOS Recovery Safari into Root Persistence
Original text by Yaseen Ghanem
The article describes a vulnerability discovered in macOS Recovery Mode Safari that allows an attacker with physical access to gain unrestricted write access to system partitions and achieve persistent root-level execution. While exploring Safari inside the macOS Recovery environment, the researcher discovered that downloaded files could be saved to arbitrary…
https://core-jmp.org/2026/04/recovery-mode-breakdown-turning-macos-recovery-safari-into-root-persistence/
Original text by Yaseen Ghanem
The article describes a vulnerability discovered in macOS Recovery Mode Safari that allows an attacker with physical access to gain unrestricted write access to system partitions and achieve persistent root-level execution. While exploring Safari inside the macOS Recovery environment, the researcher discovered that downloaded files could be saved to arbitrary…
https://core-jmp.org/2026/04/recovery-mode-breakdown-turning-macos-recovery-safari-into-root-persistence/
🔥10😱1
Книжка хорошая, странно другое, почему вдруг латыши за нее взялись на
*
Ну да ладно, хорошая книжка PDF
kgb.arhivi.lv*
Ну да ладно, хорошая книжка PDF
👍13😱4
Tutorial: Adaptix C2 with ShellcodePack and MacroPack
Original post by Emeric
The article explains how to integrate the Adaptix C2 framework with BallisKit tools ShellcodePack and MacroPack to create stealthy payloads for red-team operations. Adaptix is an open-source command-and-control platform used for post-exploitation and adversarial emulation. The tutorial walks through setting up an Adaptix server on Linux and compiling the GUI client…
https://core-jmp.org/2026/04/tutorial-adaptix-c2-with-shellcodepack-and-macropack/
Original post by Emeric
The article explains how to integrate the Adaptix C2 framework with BallisKit tools ShellcodePack and MacroPack to create stealthy payloads for red-team operations. Adaptix is an open-source command-and-control platform used for post-exploitation and adversarial emulation. The tutorial walks through setting up an Adaptix server on Linux and compiling the GUI client…
https://core-jmp.org/2026/04/tutorial-adaptix-c2-with-shellcodepack-and-macropack/
🔥22
Ground Station
*
Полный набор open source инструментов для мониторинга спутников и декодирования сигналов с помощью локального SDR, включая загрузку метеорологических изображений и тд.
*
all-in-one
*
Полный набор open source инструментов для мониторинга спутников и декодирования сигналов с помощью локального SDR, включая загрузку метеорологических изображений и тд.
*
all-in-one
👍11😱2
Stanford CS230 | Autumn 2025 | Lecture 8: Agents, Prompts, and RAG
*
Стэнфордский курс по созданию систем ИИ уделывает все туториалы Claude и треды по промптингу.
Реально учит инженеров создавать с нуля надёжные системы ИИ
https://www.youtube.com/watch?v=k1njvbBmfsw
*
Стэнфордский курс по созданию систем ИИ уделывает все туториалы Claude и треды по промптингу.
Реально учит инженеров создавать с нуля надёжные системы ИИ
https://www.youtube.com/watch?v=k1njvbBmfsw
YouTube
Stanford CS230 | Autumn 2025 | Lecture 8: Agents, Prompts, and RAG
For more information about Stanford’s Artificial Intelligence professional and graduate programs, visit: https://stanford.io/ai
November 11, 2025
This lecture covers agents, prompts, and RAG.
To learn more about enrolling in this course, visit: https:…
November 11, 2025
This lecture covers agents, prompts, and RAG.
To learn more about enrolling in this course, visit: https:…
👍5🔥2