It's... been a while since the last objection release got tagged. We finally landed a 1.12 release today which also means pypi is up to date again, and for the foreseeable future! Work never really stopped, and plenty of bug fixes are included. More in 🧵 github.com/sensepost/ob...

I'm kind of proud of the syntax I invented for defining key spaces to expand when looking for phishing kits github.com/singe/domain...

Our analysis covers updated #BURNBOOK and #MISTPEN variants, that feature slight changes in their main routines and C2 loop. UNC2970 relied on compromised infrastructure on SharePoint and WordPress, aligning with previous findings.

🔎Our CERT is releasing a new technical report on 🇰🇵Operation #DreamJob, focusing on recent evolution in its tooling. Following an IR engagement at a large manufacturing client based in 🇪🇺, we investigated artefacts we attribute to #UNC2970. ➡️Full blog: ow.ly/V4mr50Xug1l

Made this last night, it’s useful for finding a large number of domains hosting phishing kits or malware based on a consistent pattern github.com/singe/domain-p… Might be useful for some of you.

Turns out you can communicate across containers via 63-bits of available space in a shared lock you acquire on /proc/self/ns/time that all processes have access to. No networking required. The post has a demo of a chat app communicating across unprivileged containers. h4x0r.org/funreliable/

I chatted with @hex-rays.bsky.social about how I found my place in the security industry, how @blackhoodie.bsky.social came to be, what our goals are and why community matters so much. hex-rays.com/blog/blackho...

HOPE has been banned from St. John's University. www.2600.com/content/hope...

The new kids use uv, so: uv run raw.githubusercontent.com/sensepost/CV... !

Here’s a free scanner for that FortiWeb CVE-2025-64446 I made for you.

The clever folks at Grumpy Goose Labs have published even more ways to identify unauthorized IP KVMs across your environment, with some great memes to boot! Be KVM, Do Fraud - blog.grumpygoose.io/be-kvm-do-fr...

No Sleep Again Full version: youtu.be/zK9HSXrvUMg #ドット絵 #pixelart

ocean tides 🌊✨ #pixelart

@ellearmageddon.bsky.social wirh some words of inspiration at #kawaiicon We can change the world, we do it in small steps, making each thing just a little better

NEW: Paragon spyware hit a key Italian campaign manager / political strategist. Super concerning case & a reminder that Italy has a growing pile of unexplained infections with Paragon's Graphite spyware.

D3 viz of Symbiote malware call graph created with @binaryninja.bsky.social. Interactive, and makes pewpew sounds. The pewpew sounds are naturally the most important analysis feature, duh. Code going public soon.

Heeey, ncurses/terminfo has a small virtual machine! And if there's a VM, there are CTF challenges :) hackarcana.com/public-exerc... hackarcana.com/public-exerc... (third one coming next week, will be a bit harder)

T’was 0xC0N Jozi today. That makes number 9, finally beating ZaC0N’s run of 8 years. It’s such a special con because it’s small and full of passionate attendees - no corporate wage slaves there for a day off work, just a bunch of hackers new and old.

Just added SOCKS support to this reverse tunnelling tool github.com/singe/contun...

github.com/singe/contun.p… this was a fun nerd snipe - how do you build a listed:listen connect:connect reverse tunnel that can handle concurrent connections when you only have Perl.

I just can't get over how this track is literally about when your phone's 2G GSM signals would interfere with speakers, and they even sample the interference sound repeatedly: www.youtube.com/watch?v=gpQS... (1/2)

Back in days of IRC my friend vhata maintained an ibid* bot called Spinach. Spinach had a ton of lore saved in its factoid database and was an essential part of our daily lives. From helping us with cricket scores to making major life choices with the choose plugin. *

Seriously, I love this post so much - Good weekend timeline cleanser: "Root for Your Friends · Joseph Thacker" m.cje.io/3KYvnLt

Why plant a Tradecraft Garden? April 2025, I talked to my camera about how tradecraft may go the route we saw vuln research go years ago, red teaming's retreat to self-protective secrecy, and the opportunity I see for a public tradecraft ecosystem. This starts @ 1:16:00 vimeo.com/1074106659#t...

www.amsterdamreview.org/considering-... via @tashjoeza.bsky.social

Unsolicited tick pic

Rewatching this banger of a talk, that we’re now spoiled with two versions of; the original DEFCON 33 main stage talk, and the follow up RomHack 2025 talk with the PipeTap additions. DEFCON https://youtube.com/watch?v=zSBf2CMKlBk RomHack https://youtube.com/watch?v=_39UbCePFfw

Tomorrow morning I am cycling 100km from Brisbane to the Gold Coast for cancer research 🚴‍♀️❤️ If you’d like to sponsor me (even small donations are super appreciated): fundraise.mater.org.au/s/120023/179...

I think about this often. What is a real world bad guy's level of effort for cracking? How long do they spend? How big is their cracker? Do they have multiple crackers? How do they distribute the load?

https://www.reuters.com/world/europe/south-africas-ambassador-france-found-dead-paris-le-parisien-2025-09-30/ 👀

the grapheneOS hardened allocator is pretty scary www.synacktiv.com/en/publicati... has there ever been a recorded ITW 0c exploit on a grapheneOS device?

Looking forward to the #romhack live stream on Saturday to see three of my favs - @titon, @leonjza & @albinowax

i don’t think i’m autistic because my mom took tylenol while she was pregnant with me, i’m pretty sure it’s because she decided to reproduce with a guy who had an engineering degree, a ham radio hobby, and an inability to wear clothing not made from natural fibers

I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: dirkjanm.io/obtaining-gl...

I had occasion to hack on some Wordpress’es and realised there’s a ton of surface area exposed over the "new" REST interfaces. Here's a small utility to convert it into a OpenAPI/Swagger file so you can explore it in your pentests/bug bounty work. github.com/sensepost/wp...

When FW De Klerk died someone on Twitter scolded me for sharing an old Private Eye cover about Verwoed's assassination (it was celebratory). "What if that was your grandpa?" Neither of my grandpas were war criminals and, if they were, I hope people would chat huge shit when they died.

It used to be that “not supporting the murder of people I don’t like” wasn’t a controversial stance. Yes, even if they called for my murder.

I’ve been watching the inside track on this one, it’s super cool.

I've been hacking on a new Windows Named Pipe tool called PipeTap which helps analyse named pipe communications. Born out of necessity while doing some vulnerability research on a target, its been super useful in reversing it's fairly complex protocol. :)

Good stuff. Proud to have been involved in an aspect of this.

Cyble wanted this blog post taken down … Barbra Streisand (woo ooh ooh woo woo)

There are many reasons why you never see Cyble in my newsletter... and this is one of them Now taking down security research on behalf of big corps

Total eclipse blood moon our side of the planet right now.

Source code and a downloadable app to try it yourself: github.com/samhenrigold... I have so much free time it’s unbelievable. I’m open to full-time work in NYC or remote. Senior product designer/design engineer. samhenri.gold

Did you know your MacBook has a sensor that knows the exact angle of the screen hinge? It’s not exposed as a public API, but I figured out a way to read it and make it sound like an old wooden door.

Moving to a new laptop brings with it the joy of a fresh install. It’s where I agonise over my set up. Last night I spent several hours redoing my zsh prompt I’ve been rolling for 30 years with some new features. It’s so crispy now, but I still can’t figure a way to drop the perl regexp!

Upgraded from an M1 Pro to M4 Max. Preliminary hashcat and LLM testing show it about 3.5x faster, which is more than I thought it would be!

Interested in the release of hashcat 7 I retested my (now three year old) ntcrack against it. It made me smile to see it's still faster. https://github.com/sensepost/ntcrack

I used to kvetch about how weirdly aggressive DEFCON goons were, so it’s worth noting that rot seems to have finally been routed. The goons have only been kind, earnest and helpful this year. It’s been changing for a few years, nice to see it accomplished.