Bad Sector Labs

@badsectorlabs.com

Cybersecurity news, techniques, exploits, and tools every week at http://blog.badsectorlabs.com 🐘@badsectorlabs@infosec.exchange

508 Followers · 53 Following · 70 Posts · Joined 01.11.2024

Latest posts by Bad Sector Labs @badsectorlabs.com

We try hard to do this with Ludus. We've gotten huge value from the Ludus Discord and watching what people struggle with or have to fight to get to work and that makes us try to solve that issue in Ludus itself.

It's a balance of not adding every little feature though, so there is art to it.

05.03.2026 19:51 👍 2 🔁 0 💬 1 📌 0

A scalpel, a hammer, and a foot gun
Last month, I released a Yara signature generator for Crystal Palace. AKA, an invariant content observation tool. I then used the feature to document the physics of various content-signature parame…

A Scalpel, A Hammer, and a Foot Gun

aff-wg.org/2026/03/03/a...

04.03.2026 01:06 👍 5 🔁 3 💬 0 📌 0

Last Week in Security (LWiS) - 2026-03-02

SolarWinds RCE (@chudyPB), Windows 11 Recall-based LPE (@filip_dragovic), Robot RCEs (@olivier_boschko + @ruikai), EDR as a RAT (@p0w1_), and more!

blog.badsectorlabs.com/last-week-in...

03.03.2026 19:00 👍 0 🔁 0 💬 0 📌 0

Last Week in Security (LWiS) - 2026-02-23

Firefox RCE (@kqx_io), Havoc Professional (@C5pider + @0xC4RN4GE + @avx128), afd.sys UAF (@Dark_Puzzle + @Bad_Jubies), macOS JIT abuse (@kyleavery), AEMonitor (@__pberba__), and more!

blog.badsectorlabs.com/last-week-in...

24.02.2026 19:21 👍 0 🔁 0 💬 0 📌 0

Last Week in Security (LWiS) - 2026-02-16

SharePoint enumeration (@matthiasdeeg), LNK "0days" (@Wietze), AMD driver LPE (@Bad_Jubies), POSTing to superadmin (@XeEaton), and more!

blog.badsectorlabs.com/last-week-in...

17.02.2026 16:17 👍 2 🔁 1 💬 0 📌 0

Last Week in Security (LWiS) - 2026-02-09

"Negative-day" discovery (@spaceraccoonsec), Exploit gen with LLMs (@seanhn), Harmony LPE (@johnnyspandex + @buffaloverflow), NetSupport Manager RCE (@0xor_solo), Azure blob C2 (@KingOfTheNOPs + @senderend) and more!

blog.badsectorlabs.com/last-week-in...

10.02.2026 19:26 👍 0 🔁 1 💬 0 📌 0

Last Week in Security (LWiS) - 2026-01-12

SmarterMail Pre-auth RCE (@chudyPB + @SinSinology), Claude Code code execution (@ryotkak), VSS create (@RicardoJoseRF), EDRStartupHinder (@TwoSevenOneT), and more!

blog.badsectorlabs.com/last-week-in...

13.01.2026 22:08 👍 1 🔁 1 💬 0 📌 0

Last Week in Security (LWiS) - 2026-01-05
Windows ARM64 internals (@33y0re), VEH^2 PoC (@0xfluxsec), macOS 26 TCC bypass (@patch1t), BOFs with Crystal Palace (@_RastaMouse), Flare-On 2025 write-ups (@washi_dev), and more!

Start your 2026 off with 3 weeks of news, techniques, write-ups, and exploits!

blog.badsectorlabs.com/last-week-in...

06.01.2026 18:57 👍 2 🔁 0 💬 0 📌 0

Bad Sector Labs Blog
Weekly Cybersecurity news, techniques, exploits, and tools every Monday

You can always read the most recent edition at blog.badsectorlabs.com

See you in 2026! 🎉

16.12.2025 17:16 👍 1 🔁 0 💬 0 📌 0

Subscribe - Mailing list

Thanks to the community for sharing your work!

Follow along on 🦋 Bluesky (@badsectorlabs.com), 🐘 Mastodon (@badsectorlabs@infosec.exchange), sign up for the email newsletter at subscribe.badsectorlabs.com/subscription...,
or subscribe to the RSS feed at blog.badsectorlabs.com/feeds/all.at...

16.12.2025 17:16 👍 1 🔁 0 💬 1 📌 0

We published 44 editions of Last Week in Security in 2025, the best free technical cybersecurity newsletter.

We sifted through the noise (without AI!) to deliver:
📰 179 News Stories
🧠 407 Techniques & Write-ups
🛠️ 438 Tools & Exploits
👀 51 New X Accounts & 37 New Blogs followed

16.12.2025 17:16 👍 3 🔁 0 💬 1 📌 0

Last Week in Security (LWiS) - 2025-12-08

SCOM lab (@synzack21), WatchGuard RCE (@_mccaulay), Clickjacking with SVGs (@rebane2001), macOS LPE (@theevilbit), a new private phone company (@nickcalyx + @phreeli), Proxmox tradecraft (@ZephrFish) and more!

blog.badsectorlabs.com/last-week-in...

09.12.2025 21:57 👍 0 🔁 0 💬 0 📌 0

Git SCOMmit - Putting the Ops in OpsMgr - SpecterOps
Yet another System Center Ludus configuration for your collection. https://github.com/Synzack/ludus_scom

SCOM is one of the most deployed, but least researched, System Center products.

Zach Stein breaks down how it works + how to build a lab to test new tradecraft. ghst.ly/3Ymzfcw

09.12.2025 20:54 👍 5 🔁 1 💬 1 📌 0

Last Week in Security (LWiS) - 2025-11-10

Apple's sourcemaps takedown (@moeruri), Call stack sig bypass (@saerxcit), AD Site pwnage (@croco_byte), sneaky remap (@MagisterQuis), Deceptiq launch (@deceptiq_), and more!

blog.badsectorlabs.com/last-week-in...

11.11.2025 19:21 👍 1 🔁 0 💬 0 📌 0

Last Week in Security (LWiS) - 2025-10-06

WriteAccountRestrictions fun (@unsigned_sh0rt), RCE in Dell UnityVSA (@SinSinology), Unity Runtime exploit (@ryotkak), Lenovo DCC LPE (@0x4d5aC), remote control over generators (@XeEaton), and more!

blog.badsectorlabs.com/last-week-in...

07.10.2025 16:49 👍 2 🔁 0 💬 0 📌 0

Last Week in Security (LWiS) - 2025-09-15

FreePBX RCE (@chudyPB), badpie (@dtmsecurity), macOS auditd malloc woes (@jfmeee), Spotlight TCC leak (@patrickwardle), WSUS relaying (@Coontzy1), pyLDAPGui (@ZephrFish), and more!

blog.badsectorlabs.com/last-week-in...

16.09.2025 14:31 👍 2 🔁 0 💬 0 📌 0

Last Week in Security (LWiS) - 2025-09-08
Metamorphic compilation (@tijme), Windows Secure Calls (@33y0re), macOS race condition exploit (@patch1t), NTLM relaying (@elad_shamir), iOS zero-click RE (@quarkslab), and more!

Sure, a bunch of NPM packages got backdoor'd (again), but don't miss the great research and tools released last week! blog.badsectorlabs.com/last-week-in...

09.09.2025 15:35 👍 0 🔁 0 💬 0 📌 0

Last Week in Security (LWiS) - 2025-08-25
WebClient deep dive (@0xthirteen), 2x RCE chains in Commvault (@chudyPB), how to rob a hotel (@dmcxblue), MSI patch/protocol handler RCE (@johnnyspandex), self-relaying (@_logangoins), and more!

Lots of tooling around the new Bloodhound "OpenGraph" standard this week including vCenterHound from @m0rd4vid and the bhopengraph library from @podalirius_.

blog.badsectorlabs.com/last-week-in...

26.08.2025 17:09 👍 2 🔁 0 💬 0 📌 0

Last Week in Security (LWiS) - 2025-08-18

DEF CON releases, PDQ SmartDeploy creds (@unsigned_sh0rt), FortiSIEM root command injection (@SinSinology), a cat themed loader (@vxunderground), fine-tune LLMs for offsec (@kyleavery_), juicing NTDS.DIT (@MGrafnetter), and more!

blog.badsectorlabs.com/last-week-in...

19.08.2025 18:29 👍 3 🔁 1 💬 1 📌 0

Come see a preview of the new Web UI for 🏟️Ludus at the Embedded Systems Village. Our mini-workshop walks you through deploying a range and then hacking an emulated IP camera.

08.08.2025 21:17 👍 1 🔁 0 💬 0 📌 0

DEF CON Las Vegas Food Map

In Vegas for hacker summer camp and trying to get food without breaking the bank? I vibed a simple map site: defconfood.badsectorlabs.com

Come see Ludus at the Embedded Systems Village - hack an IP camera, see the new UI, and get a sticker!

07.08.2025 20:50 👍 3 🔁 1 💬 0 📌 0

Last Week in Security (LWiS) - 2025-08-04
AEM RCE (@infosec_au), Intune cert abuse (@_dirkjan), Entra tradecraft (@hotnops), LLMs for R&D (@kyleavery_), File System API research (@Print3M_), and more!

Last LWIS before DEF CON. Come see us in the Embedded Systems Village where we have a mini-workshop hosting an emulated camera on Ludus for you to hack!

blog.badsectorlabs.com/last-week-in...

05.08.2025 15:46 👍 1 🔁 2 💬 0 📌 0

Last Week in Security (LWiS) - 2025-07-28

VMware Tools LPE (@justbronzebee), Adaptix C2 0.7 (@hacker_ralf), Ludus MCP (@__Mastadon), SOAP(y) (@_logangoins), and more!

blog.badsectorlabs.com/last-week-in...

29.07.2025 15:58 👍 2 🔁 2 💬 0 📌 0

Last Week in Security (LWiS) - 2025-07-21

PIC agents (@_RastaMouse), ToolShell, Async BOFs (@Cneelis), SCCM MP relays (@unsigned_sh0rt), RAITrigger (@ShitSecure), and more!

blog.badsectorlabs.com/last-week-in...

22.07.2025 21:38 👍 2 🔁 1 💬 0 📌 0

Last Week in Security (LWiS) - 2025-07-14

LudusHound (@bagelByt3s), SpeechRuntimeMove (@ShitSecure), Havoc Pro (@C5pider), FortiWeb RCE (@SinSinology), SailPoint IQService RCE (@NetSPI), Altiris RCE (@lefterispan), WAF bypass (@nyxgeek), and more!

blog.badsectorlabs.com/last-week-in...

15.07.2025 14:38 👍 3 🔁 0 💬 0 📌 0

LudusHound: Raising BloodHound Attack Paths to Life - SpecterOps
LudusHound is a tool for red and blue teams that transforms BloodHound data into a fully functional, Active Directory replica environment via the Ludus framework for controlled testing.

Ludushound shows the power of community driven innovation in cybersecurity. @bagelByt3s created an awesome tool to convert bloodhound data into a working lab in 🏟️ Ludus. Replicate complex live environments with automation - and get back to the fun stuff!

specterops.io/blog/2025/07...

14.07.2025 19:12 👍 3 🔁 1 💬 0 📌 0

Ludus
The easiest way to deploy testing infrastructure

Lots of good write ups (like Citrix Bleed 2) but my favorite was seeing how 🏟️ Ludus.cloud helped Cameron Stish of Guidepoint Security find "LoopyTicket" (CVE-2025-33073).

blog.badsectorlabs.com/last-week-in...

08.07.2025 13:40 👍 3 🔁 0 💬 0 📌 0

Last Week in Security (LWiS) - 2025-06-30
Linux sleep obfs (@k0zmer), sudo vuln (@0xm1rch), self-xss trick (@slonser_), primitive injection (@trickster012), Sitecore RCE (@chudyPB), and more!

Tons of great content released over the past few weeks. Get caught up with Last Week in Security!

blog.badsectorlabs.com/last-week-in...

01.07.2025 16:48 👍 2 🔁 0 💬 0 📌 0

Last Week in Security (LWiS) - 2025-06-09
Windows self-delete on 24H2 (@TKYNSEC), DNS rebinding (@yarlob), VSCode backdoor (@d1rkmtr), leak Google users' 📞# (@brutecat), Entra sync dumping (@hotnops), Delegations (@podalirius_), Chrome abuse ...

This week's edition is packed full of great techniques and tools! One of the longest posts we've done; there's so much cool stuff being released.

blog.badsectorlabs.com/last-week-in...

10.06.2025 15:12 👍 2 🔁 1 💬 0 📌 0

@raphaelmudge.bsky.social summed up why we built and released Ludus open source: "Develop technologies that give individual operators and researchers LEVERAGE acting on hypothesis and make it fast to try things, adapt, and modify."

When spinning up ADCS or SCCM is 3 commands, it gives you leverage.

09.06.2025 17:07 👍 1 🔁 0 💬 0 📌 0