Jord
@0xLegacyy
Lover of frogs, specialising in defence evasion, CTF addict
Yearly blog post just dropped: Control Flow Hijacking via Data Pointers 🐸 Showcasing how to find your own in Binary Ninja, how to weaponize and write a shellcode stub etc. Hopefully people find it useful :) legacyy.xyz/defenseevasion…
Blog for ToolShell Disclaimer: The content of this blog is provided for educational and informational purposes only. blog.viettelcybersecurity.com/sharepoint-too… #SharePoint #ToolShell
🚨 Suspected admin of xss.is, a top Russian-speaking cybercrime forum, was arrested in Ukraine. The suspect, active for nearly 20 years, allegedly made €7M facilitating cybercrime. 🇫🇷🇺🇦🇪🇺 Operation led by France with Europol support. europol.europa.eu/media-press/ne…
Shared the PoC with @mkolsek a few days ago, the same one I gave to Microsoft. Unlike Microsoft, however, they not only verified the issue within days but refined it, demonstrating that ANY domain user can crash a fully patched Windows 2025 server as of now.
Our researchers have confirmed this issue on freshly installed fully updated Windows Server 2025 domain controller, using a regular domain user as attacker. Instant domain controller BSOD by any domain user.
Control Flow Hijacking via Data Pointers legacyy.xyz/defenseevasion… Credits @0xLegacyy #cybersecurity
Whenever I see people say the red teaming should only use TI, it seems unusual because if you're mature enough to need a red team, your EDR vendor will likely pick up on many currently known threats in the public eye. At that point, you're stuck modifying things away from what's…
📣 IDA 9.2 Beta is here! This release is packed with UI upgrades, smarter analysis, and expanded architecture support. ➥ Already a Beta user? Grab it now. ➥ Not enrolled? Sign up today. eu1.hubs.ly/H0lS6nv0
This one was a fun exploit. Turning a security product against itself to gain C2-like control over all its agents. Updates have been available for a while but only now it has been disclosed. Get patching, folks
New Vuln Research: NetSPI Principal Consultant Ceri Coburn exposes how Forescout SecureConnector agents can be hijacked via a named pipe vulnerability (CVE-2025-4660), turning endpoint security tools into attacker-controlled C2 channels. Read more: ow.ly/6hl250WqWrX
Ludushound shows the power of community driven innovation in cybersecurity. @bagelByt3s created an awesome tool to convert bloodhound data into a working lab in 🏟️ Ludus. Replicate complex live environments with automation - and get back to the fun stuff! specterops.io/blog/2025/07/1…
Wrote a cross-platform library for rewriting / modifying code in executable files on a function level. Pretty simple to write advanced binary obfuscators using it. github.com/badhive/stitch Below shows what ~30 LOC using Stitch transforms a function into:
AdaptixC2 0.7 will feature the AxScript scripting engine, which will be based on JS. Continuing the topic of AxScript, this post covers "Post Hook." Scripts in extensions now allow you to create handlers for the results of commands you've registered. [1/4]
Introducing Havoc Professional: A Lethal Presence We’re excited to share a first look at Havoc Professional, a next-generation, highly modular Command and Control framework, and Kaine-kit, our fully Position Independent Code agent engineered for stealth! infinitycurve.org/blog/introduct…
New video out 😊 showing how you can take control of port 445 and perform those magical relay attacks toward AD CS when working from a C2 agent. Way easier than before thanks to some great research by @zyn3rgy youtube.com/watch?v=e4f3h5…
Turns out the same ClickFix mitigation of ‘disabling’ the Win+R shortcut (HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer - NoRun DWORD 1) also prevents exploitation of the address bar FileFix technique💡
The Call for Sponsors for #MalwareVillage at @DEFCON 33 is open until July 7, 2025! 📄 Sponsor Package: malwarevillage.org/sponsor.pdf 📧 Email: [email protected] We’ll have talks, workshops, contests, Malmons art gallery, Malmons trading cards, and more cool stuff! 🤩 #DC33
I just sponsored @mrexodia. No other tool I have been so much besides x64dbg for the past 4-5 years on a daily basis. Saved me countless hours, learned so much, and helped me solve a lot of problems quickly. The work & research he is putting out has been more than invaluable to…
BOFs are powerful, but error-prone! We dropped a post and new BOF linting tool to catch bugs early, and to prevent crashing implants. This will speed up your Beacon Object File dev workflow. If you're building custom C2 payloads, it's a must-read. 🔍 📖 outflank.nl/blog/2025/06/3…
Control Flow Hijacking via Data Pointers - @0xLegacyy legacyy.xyz/defenseevasion…
The slides from our @reconmtl talk, "Breaking Mixed Boolean-Arithmetic Obfuscation in Real-World Applications" (CC @nicolodev), are now online! Slides: synthesis.to/presentations/… Plugin: github.com/mrphrazer/obfu…
Excited to be teaching ARTOC @defcon this year! Focused on modern tradecraft, tooling development, and building real skills from preparation to execution of real-world adversary emulation engagements. #DEFCON #redteam
Suit Up. Hack Hard. WKL Training Drops at DEFCON 2025. We're bringing three hardcore training courses: 🔹 ARTOC 🔹 ODPC 🔹 ASCPC Lock in your spot 👉 training.defcon.org/collections/de… #DEFCON #CyberSecurity #Hacking