This infographic showcases Linux-based tools commonly used by red teams to simulate attacks and test defenses

This tool collection is shared to promote awareness of potential threats and defensive tactics. Use responsibly—unauthorized use is both illegal and unethical. Stay informed , but stay ethical! #pentesting #opensource

Find high-res pdf books with all my #linux and #cybersecurity related infographics at https://study-notes.org

Whoa, heads up cybersecurity folks! There's a particularly nasty bug making the rounds: **CVE-2025-32433** in Erlang/OTP SSH. And yes, it scored a perfect CVSS 10.0 .

We're talking potential **unauthorized remote code execution** here. Basically, an attacker can sneak SSH messages through *before* any authentication even happens. Think about that for a second. If your SSH daemon happens to be running as root... well, that's pretty much game over for the system.

This isn't just a minor issue; it impacts *anyone* using the Erlang/OTP SSH implementation.

**The good news?** Patches are available! You'll want to update to one of these versions ASAP:
* OTP-27.3.3
* OTP-26.2.5.11
* OTP-25.3.2.20

Speaking as a pentester, gotta say, that's a clever (and worrying!) vulnerability path . Another thing to keep in mind: your typical automated vulnerability scanners might completely miss this one due to the pre-auth nature.

So, what's your take? Have any of you run into this yet or started testing for it? Curious to know what tools you're finding effective for detection or exploitation testing! Let's discuss

New Open-Source Tool Spotlight

SecLists is a powerful resource for security testing. It consolidates usernames, passwords, payloads, sensitive patterns, and more into one repository. Essential for pen testers and bug hunters. #CyberSecurity #PenTesting

Project link on #GitHub https://github.com/danielmiessler/SecLists

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

𝗟ö𝘁𝘄𝗼𝗿𝗸𝘀𝗵𝗼𝗽 𝘀𝗰𝗵𝘄𝗲𝗶ß𝘁 𝗮𝘂𝗰𝗵 𝗠𝗶𝘁𝗮𝗿𝗯𝗲𝗶𝘁𝗲𝗻𝗱𝗲 𝘇𝘂𝘀𝗮𝗺𝗺𝗲𝗻

Im März verwandelte sich eine Abendveranstaltung von HiSolutions in ein kreatives Experimentierfeld: Kolleginnen und Kollegen aus unterschiedlichsten Fachbereichen – von #Krisenmanagement über IT bis #Pentesting – fanden sich zusammen, um ihre Begeisterung fürs Basteln zu teilen.

Egal ob Lötprofi oder Anfänger, alle vereinten ihre Neugier und brachten gemeinsam LED-Projekte zum Leuchten. Ein gemeinsamer Abend mit Ideen und blinkenden Highlights!

Du wünschst Dir auch einen Arbeitgeber, bei dem Teamarbeit und Austausch im Vordergrund stehen? https://karriere.hisolutions.com/

New Open-Source Tool Spotlight

Active Directory Certificate Services (AD CS) can be a goldmine if misconfigured. Tools like Certipy simplify enumeration and abuse, leveraging techniques like Shadow Credentials, Golden Certificates, and domain escalation paths (ESC1-ESC11). #CyberSecurity #RedTeam

Certipy's `shadow` command exemplifies ADCS weaknesses. By manipulating `msDS-KeyCredentialLink`, you can take over accounts via PKINIT. It's seamless but devastating for privilege escalation. #Pentesting #ActiveDirectory

Golden Certificates mimic Golden Tickets but target ADCS. Using a compromised CA private key, an attacker can forge certs for domain controllers or users. Certipy automates this process—caution with CA backups. #InfoSec #PKI

Project link on #GitHub https://github.com/ly4k/Certipy

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

Man, this whole AI hype train... Yeah, sure, the tools are definitely getting sharper and faster, no doubt about it. But an AI pulling off a *real* pentest? Seriously doubt that's happening anytime soon. Let's be real: automated scans are useful, but they just aren't the same beast as a genuine penetration test.

Honestly, I think security needs to be woven right into the fabric of a company from the get-go. It can't just be an afterthought you tack on when alarms are already blaring.

Now, don't get me wrong, AI definitely brings its own set of dangers – disinformation is a big one that springs to mind. But here's the thing: we absolutely *have* to get our heads around these tools and figure them out. If we don't keep pace, we risk becoming irrelevant pretty quick.

So, curious to hear what you all think – where do the greatest pitfalls lie with AI in the security field? What keeps you up at night?

to any and all #infosec and #pentesting professionals, do you have any tips you could share about business-speak? more specifically, how do you translate to a business unrelated with our field the importance of our work?

Seriously, what *is* going on with the Play Store these days?! Clients constantly ask me if the apps are actually secure... and tools like PlayPraetor? They're basically screaming NOPE!

You wouldn't believe the junk floating around. Fake apps are out there just harvesting your data. Think banking trojans, sneaky PWAs set up for phishing, Remote Access Trojans (RATs) – you name it, it's probably there. An absolute nightmare!

Wondering about PWAs? They're essentially websites packaged as apps, which makes them a prime vector for phishing scams. And RATs? Those give attackers *complete* control over your device. Seriously nasty stuff! Then there's Phantom malware leveraging Accessibility Services to watch everything you do... It's intense!

Actually, this takes me back to a recent pentest where we nearly overlooked a very convincing PWA phishing page. Thinking automated scans will catch everything? Yeah, don't count on it.

So, how can you shield yourself from this mess?
1. Stick strictly to official app stores!
2. Do your homework on the developers – vet them!
3. Always check app permissions *before* installing! What do they *really* need access to?
4. Make sure you've got solid mobile security installed!

Have you ever stumbled upon a fake app? How are you keeping your Android device locked down? Share your best tips below!

wow .. this is amazing: A handheld #Linux terminal (running #kali_linux) using #RaspberryPi Zero 2W as Core with 4" 720X720 TFT display and the original BlackBerry Keyboard https://github.com/ZitaoTech/Hackberry-Pi_Zero

I really need to order a new pack of this. #pentesting

From day one, TShark has been an essential part of #BashCore. It’s not just a substitute for Wireshark—it’s the same powerful engine, but fully command-line. If you’re serious about network analysis and pentesting, mastering TShark is a must.

It has nothing less than Wireshark, just no GUI. Learn it, and you’ll have full control over packet capture and analysis, even on minimal systems.

https://www.wireshark.org/docs/man-pages/tshark.html

SQL Injection Cheat Sheet: A Comprehensive Guide
https://denizhalil.com/2025/04/02/sql-injection-cheat-sheet/

FIN7 *again*? Seriously, these guys just don't quit, do they?

Heads up – they've cooked up an Anubis backdoor using Python. And nope, *it's not* the Android Trojan people know. It's pretty wild what this thing packs: we're talking remote shell capabilities, file uploads, messing with the registry... Basically, the keys to the kingdom!

And let me tell you from a pentester's perspective: Just relying on AV? That's *definitely* not gonna cut it anymore. We all know that, right?

Looks like they're slipping in through compromised SharePoint sites now? Yikes. The nasty part? A Python script decrypts the payload *directly in memory*, making it incredibly tough to spot! Plus, their command and control chats happen over a Base64-encoded TCP socket.

So, keep a *sharp eye* on those ZIP attachments! Double-check your SharePoint sites' integrity. You'll also want to monitor network traffic closely (especially that TCP activity!). And make sure your endpoint security is actually up to snuff – remember, they love finding ways to bypass defenses!

How are *you* tackling threats like this one? What are your go-to tools and strategies for defense? Let's share some knowledge!

Man, npm and supply chain security... seriously a never-ending story. Just caught an article about "ethers-provider2" and "ethers-providerz". Get this: these things are actually infecting packages you *already* have installed!

Speaking as a pentester, let me tell ya: you absolutely *have* to run regular checks. Your `package-lock.json`, `yarn.lock`... check 'em all! Trust me, SCA tools are worth their weight in gold in these situations. And listen up, people, MFA for your npm account? That's not some optional extra, it's a straight-up *MUST*!

I literally just had a client who thought, "Ah, npm's pretty safe, right?". Yeah, famous last words!

So, what're your most insane supply chain attack stories? Lay 'em on me!

Seriously, Broadcom... what's the deal lately?

First up, we've got CVE-2025-22230 hitting VMware Tools for Windows. This nasty bug basically lets standard users inside a VM escalate their privileges to admin level. Yikes! With a CVSS score of 7.8, you'll want to jump on this fix ASAP. It impacts versions 11.x.x and 12.x.x, so upgrading to 12.5.1 needs to be right at the top of your list!

But wait, there's more. CrushFTP is also sounding the alarm about unauthenticated access vulnerabilities lurking on HTTP(S) ports in versions 10 and 11. It's definitely time to double-check those DMZ configurations. Rapid7 has confirmed that exploits are out there, allowing unauthorized access. Pretty intense, right?

Stuff like this is a stark reminder: while automated scans have their place, they just don't cut it alone. Real-deal penetration testing is absolutely essential. Those manual checks are what uncover the sneaky issues that automated tools often breeze right past.

What's your take on this recent wave? How are you keeping your own environments locked down tight? Let's talk

NIST getting in on the AI security bandwagon. I'd be happier about that if I trusted anyone in the district anymore.

https://www.infosecurity-magazine.com/news/nist-limitations-ai-ml-security/

What we really need is some edits to the PTES or something with a GenAI test plan.

Physical Key Copying Starts With a Flipper Zero - A moment’s inattention is all it takes to gather the information needed to make a ... - https://hackaday.com/2025/03/25/physical-key-copying-starts-with-a-flipper-zero/ #lockpickinghacks #duplicating #flipperzero #lockpicking #locksports #pentesting