Hyde

LinkPro: eBPF rootkit analysis LinkPro: eBPF rootkit analysis

Ebpf rootkit analysis - www.synacktiv.com/en/publicati...

PromptIntel - IoPC Registry A collaborative threat intelligence platform for tracking and defending against adversarial AI prompts. Discover Indicators of Prompt Compromise (IoPC) and protect your AI systems.

collaborative threat intel platform to identify patterns and artifacts indicating potential exploitation or misuse of Large Language Models - promptintel.novahunting.ai/feed

Bring Your Own Vulnerable Driver (BYOVD) part 2 - blog.quarkslab.com/exploiting-l...

Pixnapping: Bringing Pixel Stealing out of the Stone Age - www.pixnapping.com/pixnapping.pdf

PhishingSecLists

Github repo with wordlists for #phishing domains investigations:

Wizard.txt - common filenames/directories where they might be saving credentials
Shells.txt - popular shell file names

github.com/spmedia/Phis...

Contributor twitter.com/Edmond_Major

Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware Attackers exploit Microsoft Teams calls to deploy DarkGate malware via AnyDesk. Security measures urged.

Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware thehackernews.com/2024/12/atta...

From the ReverseEngineering community on Reddit: “DeceptionAds” — Fake Captcha Driving Infostealer Infections and a Glimpse to the Dark Side of Internet Advertising Explore this post and more from the ReverseEngineering community

“DeceptionAds” — Fake Captcha Driving Infostealer Infections and a Glimpse to the Dark Side of Internet Advertising www.reddit.com/r/ReverseEng...

Burp Suite tutorial: IDOR vulnerability automation using Autorize and AutoRepeater (bug bounty) YouTube video by STÖK

This is still one of my favorite vids for understanding and finding IDOR vulnerabilities by @stokfredrik.bsky.social. It was the video that inspired me to dive in and get the basics of the idea!

www.youtube.com/watch?v=3K1-...

Pro-tip: gron is awesome for diffing JSON 🥰

github.com/tomnomnom/gron

VIM tutorial: linux terminal tools for bug bounty pentest and redteams with @tomnomnom YouTube video by STÖK

I've done a whole bunch of talks, interviews and stuff on other people's YouTube channels over the years so I'm going to try and catalog them here.

First up is a video with my good friend STÖK in which I demo some big bounty workflow stuff.

This one is special.

youtu.be/l8iXMgk2nnY

DarkFlare - TCP-over-CDN Tunnel : A stealthy command line tool to create TCP-over-CDN(http) tunnels that keep your connections cozy and comfortable (Now with public test relay servers! ) : github.com/doxx/darkflare

fakebrowser : Fake fingerprints to bypass anti-bot systems (Simulate mouse and keyboard operations to make behavior like a real person ) : github.com/kkoooqq/fake...

GitHub - D4Vinci/Scrapling: Undetectable, Lightning-Fast, and Adaptive Web Scraping for Python Undetectable, Lightning-Fast, and Adaptive Web Scraping for Python - D4Vinci/Scrapling

Scrapling : Undetectable, Lightning-Fast, and Adaptive Web Scraping for Python : github.com/D4Vinci/Scra... credits @D4Vinci1