All posts by John Doe

■■■□□ Python-based web vulnerability scanner utilizing Acunetix vulnerability database. https://codeberg.org/neolead/acuscan.git https://github.com/neolead/acuscan

■■■□□ Open-source LLM Red-Team lab. 159 transforms, 25 tool surfaces, BYOK gateway. Runs in your browser. https://github.com/m4xx101/cryptex-oss

■■■■■ GHSL-2026-140: Heap Buffer Write Overflow in 7-Zip. https://securitylab.github.com/advisories/GHSL-2026-140_7-Zip

■■■□□ GitHub has terminated the account of “Nightmare-Eclipse,” an anonymous rogue security researcher known for dropping critical unpatched Windows vulnerabilities since Microsoft left them “homeless with nothing.” The vigilante has now moved to GitLab, releasing more threats. https://cybernews.com/security/github-bans-researcher-releasing-windows-zero-days

■■■■□ AdStrike — AI Powered Active Directory Attack Framework 💀🔥 A modular red-team framework built for advanced AD operations, Kerberos workflows, ADCS abuse, credential access, lateral movement & attack-path analysis. ⚡ 🔥 58 interactive modules 🛡️ Kerberos-aware workflows 🤖 AI-assisted operator agent 📊 HTML / JSON / Markdown reporting ⚔️ BloodHound, Impacket, Certipy, NetExec integration…

■■■□□ Telegram, the FSB, and the Man in the Middle Investigation. The technical infrastructure that underpins Telegram is controlled by a man whose companies have collaborated with Russian intelligence services. https://www.occrp.org/en/investigation/telegram-the-fsb-and-the-man-in-the-middle

■■■■□ Free media links website. A guy named nbatman on Reddit accidentally built the most useful website on the internet. It’s called FMHY (Free Media Heck Yeah). This is the website Google delisted from search for DMCA violations, Reddit shadow-banned for promoting piracy, the Motion Picture Association flagged as a top piracy threat, and the…

■■■■□ The Vehicle May Be Sick: Denial of Diagnostic Services by Exploiting the CAN Transport Protocol. Hacking a Hyundai Elantra through the diagnostic protocol — and transferring a 4GB file over a CAN bus. Security researchers Seungjin Baek, Seonghoon Jeong, and Huy Kang Kim published research focused on attacks against automotive diagnostic communication at the…

■■■□□ Hackers Can Weaponize Lenovo Driver to Terminate EDR Processes. Hackers Can Weaponize Lenovo Driver to Terminate EDR Processes Researcher: Jehad Abudagga

■■□□□ Patch diffing using AI. My Windows reverse engineering and exploit research workflow has been: 1. Pick a binary to research like tcpip.sys 2. Use github.com/joshterrill/po… to automate seeing existing binary versions, download, and generate diffs from them 3. Load the resulting .binexport’s and .bindiff into an LLM and ask it to analyze 4. Look…