tag: offensive-security
2026-03-06
2026-03-08
Agents of Chaos
Exploratory red-teaming study of autonomous language-model-powered agents in a live lab environment, documenting failures like unauthorized actions, sensitive data disclosure, destructive behavior, spoofing, and partial system takeover.
Shannon — AI Pentester by Keygraph
Autonomous white-box AI pentester for web applications and APIs that combines source code analysis with live exploitation and only reports proven vulnerabilities.
2026-03-09
EvilWAF - Web Application Firewall Testing and Bypass Toolkit
Transparent MITM proxy for WAF bypass and detection, with TCP/TLS fingerprint rotation, Tor IP rotation, and origin IP hunting.
Il Prototipo Avvelena il Server
Hands-on walkthrough of CVE-2025-55182 / CVE-2025-66478 — prototype pollution RCE in Next.js (CVSS 10.0). From Docker lab setup to root shell via a single curl.
Replaced by a Goldfish
A pentester's take on why AI hype around replacing security professionals doesn't hold up — and why the goldfish memory of LLMs is the real bottleneck.
VulHunt Community Edition
Vulnerability hunting framework by Binarly's research team, built on top of the BIAS binary analysis system with MCP integration.
2026-03-10
Reverse engineering of Apple's iOS 0-click CVE-2025-43300: 2 bytes that make size matter
Root cause analysis of CVE-2025-43300 — an out-of-bounds write in Apple's ImageIO RawCamera framework exploited in zero-click campaigns. Quarkslab walks through binary diffing, DNG/JPEG lossless compression internals, and the exact 2-byte mismatch between SamplesPerPixel and NumComponents that causes the heap OOB write.
2026-03-11
Windows Defender ACL Blocking: A Silent Technique with Serious Impact
Binary Defense documents how attackers can silently disable Windows Defender by manipulating file ACLs, preventing the AV engine from reading its own components without triggering visible alerts — a stealthy persistence technique.
2026-03-12
hackerbot-claw: An AI-Powered Bot Actively Exploiting GitHub Actions
StepSecurity details how an AI-powered bot called hackerbot-claw is actively exploiting misconfigured GitHub Actions workflows to compromise CI/CD pipelines.
Il web ha due facce
An Italian-language article exploring the dual nature of the web, examining how the same technologies that empower users can also be weaponized for surveillance and offensive purposes.
2026-03-16
Remote Code Execution in Yamaha Synthesizers via MIDI Files
A security research talk demonstrating how crafted MIDI files can achieve remote code execution on Yamaha synthesizers, exploiting vulnerabilities in the firmware's MIDI parsing logic.
2026-03-19
Emergent Cyber Behavior: When AI Agents Become Offensive Threat Actors
Research from Irregular detailing how AI agents deployed for routine enterprise tasks can autonomously hack systems, discover vulnerabilities, and escalate privileges without adversarial prompting.
2026-03-23
Il Pacco È Avvelenato
An article in Italian on supply chain attacks via package managers, with a focus on typosquatting, dependency confusion, xz-utils (CVE-2024-3094) and CI/CD poisoning.
2026-04-23
RE//verse 2026: Hacking the Xbox One by Markus 'doom' Gaasedelen
Conference talk on Xbox One hacking and reverse engineering techniques.
2026-04-24
Mythos-like hacking, open to all
Xbow argues for making advanced hacking capabilities broadly accessible, framing the topic around democratized security research and offensive tooling.
2026-05-04
Fast16 Malware
Analysis of Fast16 malware — a fileless, PowerShell-based RAT deployed via Google Ads that hijacks Chrome profiles and uses legitimate processes to blend in, targeting financial services and tech sectors
Finding Zero Days with Any Model
How to use any pre-trained model — even small ones — to find zero-day vulnerabilities by training a classifier on code patterns that lead to exploitable bugs
Here We Go Again: A Five-Bug Chain to Arbitrary APK Install on Samsung S25
A 5-bug vulnerability chain on Samsung S25 enables arbitrary APK installation without user permission, exploiting Android's package manager and Samsung's overlay system
SmokedHam, la backdoor scelta dagli amministratori IT
SmokedHam (UNC2465) — C#/PowerShell backdoor on Cloudflare Workers, distributed via malvertising to IT admins through counterfeit installers of RVTools, PuTTY and Remote Desktop Manager
2026-05-07
I Built an AI That Builds Zero Day Exploits
Autonomous zero-day generation pipeline — choosing the attack surface, BYOVD attacks, binary exploitation with LLMs, automating reverse engineering, finding kernel vulns with Claude, and how much the system costs to run
2026-05-08
Copy Fail 2: Electric Boogaloo
Linux kernel LPE via ESP-in-UDP receive — same Copy Fail primitive (CVE-2026-31431) but in the xfrm subsystem. AEAD decrypt in-place over splice'd page-cache pages, ~22s to root via single-byte page-cache writes to /etc/passwd
2026-06-04