wetw0rk

Remotely load your rootkits using Sickle! In the video below I'm exploiting a Linux RCE vulnerability and using the memfd_reflective_elf_tcp shellcode to reflectively load the KoviD rootkit in memory. Essentially installing the KoviD rootkit without touching disk!!

I don't wanna sound like a hater, but I'm really getting tired of everyone yappin about AI. If you take AI and put it in your shitty product, congratulations. You now have a turd with a sticker on it. It's still a turd

After months of responsible disclosure, @0xDISREL and I are releasing our research on Netskope CVE-2024-7401. We wanted to give organizations and Netskope enough time to patch and remediate this vulnerability. Here is the article: quickskope.com

We're excited to announce a new session of our Asynchronous Training: The Fundamentals of Browser Exploitation!💻💥🌐 📆Start Date: September 15th, 2025 🗺️Location: Remote / Self-Paced ✈️Booking and full info: ret2.io/trainings

A software-defined radio can derail a US train by slamming the brakes on remotely dlvr.it/TLw23q

Turns out you can just hack any train in the USA and take control over the brakes. This is CVE-2025-1727 and it took me 12 years to get this published. This vulnerability is still not patched. Here's the story:

Perhaps one of the most badass CVE's I've ever seen from @midwestneil 💪😤 cisa.gov/news-events/ic…

I published blogs detailing two vulnerabilities I recently discovered in Sudo. Update to 1.9.17p1. CVE-2025-32462 - Sudo Host option Elevation of Privilege Vulnerability stratascale.com/vulnerability-… CVE-2025-32463 - Sudo chroot Elevation of Privilege Vulnerability…

Some teasers for the upcoming Kali Linux i3 revamp/redesign I've been working on for a while now: cc: @kalilinux

Good morning! I just published a blog post about a KASLR bypass that works on modern Windows 11 versions. It leverages Intel CPU cache timings to exfiltrate the base address of ntoskrnl.exe. I hope you like it! r0keb.github.io/posts/Bypassin…

After seeing the reviews for DOOM: The Dark Ages, id Software has just achieved legendary status once again. I’m so fucking hyped next week 🙌 #doomthedarkages #doom

I am excited to say my talk at @BlackHatEvents USA 2025 was accepted where I will be sharing my recent research on kernel-mode CET as well as KCFG on Windows!

I'm excited to be presenting Sickle at Arsenal at Black Hat USA 2025, to join me click here app.ingo.me/q/3n4vn #BHUSA. I'm really looking forward to meeting all of you!

KoviD : Red-Team Linux kernel rootkit : github.com/carloslack/Kov…

Learn how you can give your TLS an added layer of protection! In our new blog, @hoodoer demonstrates a few methods on how to use Web Crypto API to enhance your data security. Read it now! trustedsec.com/blog/applicati…

Chilllll ChatGPT chhhhhhiiiillll just doing some research😅

⚠️ Warning ⚠️ Kali has a new signing key! 🔑 (Manual action required! 🫣) If you are getting: > Missing key 827C8569F2518CC677FECA1AED65462EC8D5E4C5, which is needed to verify signature. You need to download and install the new key manually, here’s the one-liner: ``` sudo…

New blogpost! Want to see how we exploited @Synology network-attached-storage devices at Pwn2Own Ireland? RCE to root via out-of-bounds NULL-byte writes, click the embed for a fun little writeup of CVE-2024-10442 🔎🎉 blog.ret2.io/2025/04/23/pwn…

Check out "Powering Up Linux-Unleashing PowerShell for Penetration Testing and Red Teaming" with Tj Null from WWHF @ Denver Mile High! If you couldn't make it out to WWHF Mile High then mark your calendars for WWHF @ Deadwood-> wildwesthackinfest.com/wild-west-hack… youtu.be/XeqrwgXcWW8?si…

wHAT tHE F###

[Research] Bypassing Windows Kernel Mitigations: Part0 - Deep Dive into KASLR Leaks Restriction hackyboiz.github.io/2025/04/13/l0c… In this post, we’ll take a closer look at the new KASLR-related mitigation introduced in Windows 11 and Windows Server 24H2, and explore a novel method for…