Preface

What is this and why does it exist?

The links, the content behind them and the opinions expressed there are not mine.
If you follow an external link and do not like what you find there, that is your problem, not mine.
Please be aware that this is just a list of topics I find interesting.

All mentioned security tools can be found here: https://github.com/MrMarco74/security-geraffel



Tools

IDA Processor module for RSSB
–> ida-rssb - github <–

IDA Processor module for SUBLEQ
–> ida-subleq - github <–

Fun little loader shellcode that executes an ELF in-memory using an anonymous file descriptor
–> mem-load.asm - github <–

Secure ELF parsing/loading library for forensics reconstruction of malware, and robust reverse engineering tools
–> libelfmaster - github <–

DNS server limitation mapper
–> DNSTunnelChecker - github <–

Active Directory Assessment and Privilege Escalation Script
–> ADAPE-Script - github <–

Transparent proxy server that works as a poor man’s VPN. Forwards over ssh. Doesn’t require admin. Works with Linux and macOS. Supports DNS tunneling
–> sshuttle - github <–



Talks & Knowledge

Building an Empire With (Iron)Python And Breaking the Boundaries of .Net
–> (Iron)Python - github <–

New in Metasploit 5: Evasion Modules
–> Metasploit 5 - Youtube/Metasploit <–

SHELL IS ONLY THE BEGINNING
–> Operating Offensively Against Sysmon - Dark Operator <–

Secure partitions in Arm Trusted Firmware - Armv8.4 Architecture
–> Arm Trusted Firmware - osfc <–

Alternative methods of becoming SYSTEM
–> Meterpreter’s getsystem - XPN Sec Blog <–



Threats

PoC Attack Escalates MikroTik Router Bug to ‘As Bad As It Gets’
–> CVE-2018-14847 / CVE-2018-1156 / CVE-2018-1157 / CVE-2018-1159 / CVE-2018-1158 - Threat Post <–

The dangerous malware behind IoT botnet targeting banks
–> GhostDNS - HackRead <–