For Egyptians

If you are looking for a place that you can find free professional courses in different fields as well as certificates then, Maharatech (ITI) is the place you are searching for

Visit https://maharatech.gov.eg

Unfortunately, today Oct 14 is the death day of Windows 10

After this,
The number of windows 7 increased (which is insane 😅)

But Linux still a great choice to try many people recommend Linux mint or Zorin OS, I personally recommend Pop! OS or Ubuntu to use

If you have fears about windows applications you can try Winboat, which is a free and open source project allows to run windows applications on Linux

https://github.com/TibixDev/winboat

Free ethical hacking course by Cisco

https://www.netacad.com/courses/ethical-hacker

If you are looking for privilege escalation on a Linux machine, then this is your guide

https://swisskyrepo.github.io/PayloadsAllTheThings/Methodology%20and%20Resources/Linux%20-%20Privilege%20Escalation/
https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html

If you have some binaries like SUID bins and you don't know what to do, then search in GTFOBins
https://gtfobins.github.io/

NSO Group has been acquired by U.S. investors, ending Israeli control

NSO Group is the company that develops every smart phone's nightmare Pegasus, the know Spyware

In my opinion it will still be used by Americans and Israelis for the same reasons they used before or the Israelis are developing something new

You can read the article: https://techcrunch.com/2025/10/10/spyware-maker-nso-group-confirms-acquisition-by-us-investors/

AWS is suffering from a huge technical problem that makes it almost down

Google services are affected as well as Preplexity AI also Chatgpt is affected

Really hard time for huge tech companies and other companies that use their services like hosting, this news is enough to make companies think twice before fully relying on a third-party or think about self hosting

Docker and postman are down

There are some news says it's because of Russian cyber attacks
https://www.euronews.com/next/2025/10/20/huge-internet-outage-hits-mobile-apps-and-websites-such-as-amazon-heres-what-we-know

Hetty is an open-source and free HTTP toolkit designed for security research, useful to be a powerful alternative to commercial tools like Burp Suite Pro. It offers features specifically tailored for the needs of the infosec community

▲ For Linux:

sudo snap install hetty

https://github.com/dstotijn/hetty

Swift Announcing the Swift SDK for Android !

Swift now is available for android and can be used on windows, Linux and MacOS. really big news that might change the world of android development

https://www.swift.org/blog/nightly-swift-sdk-for-android/

Debian family tree
These aren't the only distros based on Debian btw, there are more like ParrotOS

Next.js pentesting guide by Mr. Daoud Youssef

Really a very good and advanced article

https://deepstrike.io/blog/nextjs-security-testing-bug-bounty-guide

CVE-2025-59287

⚠️🚨CVSS: Critical 9.8

ဗ Affected: Windows Server Update Service (WSUS)

▲Description: Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.

https://nvd.nist.gov/vuln/detail/CVE-2025-59287

After AWS outage problem many signs are saying that Azure is down in many places of the world, here in Egypt many people/companies claim that they are suffering with Azure services or they can't reach it

There is an opinion says all tech companies should think again about the infrastructure they are based on or they are providing with, and I go with this opinion

Btw, this meme is going viral saying that the next turn will be for GCP or Google's cloud

If you are managing to do a cert in cyber security specially like OSCP, then Linux privilege escalation is a crucial skill you have to learn. I found this flow diagram is a great one to follow during your hunting for privilege escalation


a great way as well to do a basic enumeration using automated tools like:
1- linPEAS
https://github.com/peass-ng/PEASS-ng/tree/master/linPEAS
2- LinEnum
https://github.com/rebootuser/LinEnum
3- Linux Exploit Suggester
https://github.com/The-Z-Labs/linux-exploit-suggester

➜ finally keep your notes updated and up to date 😉

ⓘ @reverseengineer101

Frida hand book

ⓘ All you need to know about Frida

Online version: https://learnfrida.info/

⊷ Shared by @reverseengineer101

CharlotteOS - Catten
catten is an operating system kernel developed as a key component of the CharlotteOS project but it is designed to be flexible enough that we hope it can also find use in many other places.

So we have a kernel built in rust, I heard that Ubuntu are willing to do the same. Seems there are no more buffer over flows 👀

What do you see about this share us in comments 👇

Source code https://github.com/charlotte-os/Catten

@reverseengineer101

Balancer Protocol (web3 Ethereum DeFi Protocol) got hacked due to a bug in their code allows attackers to steal +70M $ or 110M $ (as some news says) which is the biggest breach in the world till now

▲In my point of view (or a security researcher point of view), code reviewing -by security experts not for regular code bugs but for vulnerabilities- isn't a critical step to take nowadays not just a routine also internal pentesting -not for one time- is another crucial step to do

ⓘ The obvious classification of this vulnerability is A01:2021-Broken Access Control which is already categorized in OWASP top 10 as a growing issue

reference from CoinDesk: https://www.coindesk.com/markets/2025/11/03/balancer-hit-by-apparent-exploit-as-usd70m-in-crypto-moves-to-new-wallets

@reverseengineer101