CARsenal: #KaliLinux 2025.2 ships with tools for hacking cars | Security https://www.heise.de/news/CARsenal-Kali-Linux-2025-2-bringt-Tools-zum-Hacken-von-Autos-mit-10446995.html #Kali #Linux #PenTesting
My previous intro post was a few years old, so behold, new intro post:
Mike. Live in the Seattle area having grown up in the UK as a full blown British. Have a wife (incredible), child (boy), and three dogs (golden retriever/cream retriever/fuck knows).
I work in information security, something I have done for about 20 years. By day I run corporate security, enterprise IT and various other bits and pieces for an EV charging startup. I am big into EVs and currently drive one that is not a Tesla. I want an electric motorbike, so if anyone has a spare one please send it.
I also have a company of my own, Secure Being (https://securebeing.com), which does pen testing and digital forensic work - it's my way of staying super hands on while still doing the management bits on the career path.
I have written books about information security things. Five of them. Two are non-fiction textbooks, and three are fiction based on real world #infosec things. Check out https://infosecdiaries.com and your local bookstore to find them, just search for my name. I have been trying to write more stuff, but always seem to find myself distracted by other things, such as work. linktr.ee/secureowl has some mini stories I've written.
I love radio and everything RF. I have lots of antennas and various scanners and radios on my desk. I love intercepting and decoding things, like digital radio protocols.
I am a big aviation nerd. I always wanted to be a commercial pilot. I gained my private pilot's license in the UK at 17, all self-funded by my employment at the local Safeway/Morrisons store. I did the sim test and commercial assessments, but for some reason, at 18, I was unable to find the £100k needed to complete the commercial training, so I did computers. But do not worry, because those computers and love of aviation and radio/RF combined, and I run a project called ACARS Drama. https://acarsdrama.com has all the details.
I play guitar and am a big guitar/audio nerd as well. I record music under the moniker Operation: Anxiety, https://operationanxiety.com - the music is on all the normal places.
Finally, I am a massive fan of motorsport. I believe I have watched every F1 race for the last 30 years, maybe 25. I also follow F2, FE, Indycar and MotoGP closely. I average around 18 hours of Le Mans 24 hour racing watching per year.
So there you have it. If you are looking for a thought leader on the topics mentioned above, you've come to the wrong place - because this is where I shitpost, and shitposting is cheap therapy.
Nice new (to me) Azure config checker. Going straight in the toolbox. I'm still using Azurite! All powershell tho, YMMV.
Linux Magazine 296: Pen Testing is available now! Learn to think like an attacker and find resources to get started with penetration testing. This month's DVD includes @fedora Workstation 42 Live and @ubuntubudgie 25.04
https://www.linux-magazine.com/Issues/2025/296?utm_source=mlm
#PenTesting #security #Linux #EUOS #Lomiri #Nushell #Ptcpdump #Python #deborphan #KiCad #NiceGUI #FreshRSS
We're very happy and excited to announce that we've closed the extra last-minute CFP for the #OffensiveOps Offensive Security Village, which Bourbon Offensive Security Services has sponsored and turned into reality! The village is accompanied by a #Lockpicking village - see more details below.
This TAKES PLACE on June 18th from 14.00-18.00 on top of the June 19th full day agenda!!
Talks:
1 - Browser Exploitation: From N-Days to Real-World Exploit Chains in Google Chrome - by Arnaud Perrot (aka "petitoto")
2 - Hacking EV Chargers: Fast Track to Market, Fast Track to Vulnerabilities - by Simon Petitjean
3 - Targeting pentesters - by Charlie Bromberg (aka "Shutdown") & Mathieu Calemard du Gardin
4 - Unpacking Azure Initial Access Attack Techniques - by François-Jérôme Daniel & Patrick Mkhael
In parallel we host the “Physical Intrusion & #Lockpicking Village” in the Atrium to practice, learn and more! By Nicolas Aunay (Joker2a) and Nicolas B.!!
The village will be live during both days of the event
Get your ticket here: https://lnkd.in/edXc3ytn
If you’re into #pentesting, #redteam, #adversaryemulation, #physicalintrusion or you're a student, passionate, or just curious to explore why offense is mandatory for defense — you’ll feel right at home.
Let’s build something meaningful for the offensive security community in Luxembourg.
#BSidesLuxembourg2025
#OffensiveOps
#OffSec
#Cybersecurity
#infosec
#communitydriven
Anyone want to offer odds on how long before the first bug bounty win?
[Updated on the same day, see below]
It took me a few days to build the library [cloudflare/workers-oauth-provider] with AI.
I estimate it would have taken a few weeks, maybe months to write by hand.
That said, this is a pretty ideal use case: implementing a well-known standard on a well-known platform with a clear API spec.
(Quoting @simon quoting Kenton Varda)
https://simonwillison.net/2025/Jun/2/kenton-varda/#atom-everything
Day 1 of posting to social media until I get an offensive security research job
First, I’m going to start with what I know – Windows. I need to recreate what I had access to at Microsoft, so that starts by setting up a dev environment and finding a copy of Windows System Internals, perhaps the greatest resource for learning Windows out there. My expertise is in Windows and virtualization, so I’m going to make sure I master those areas.
Next, I don’t think I want to grind coding exercises, but I do need to shake the rust off my coding skills. I think I’m going to start with some HackTheBox challenges and find some CTFs to participate in.
Finally, my long overdue goal: learn Rust. I’m not sure if this will help immediately, as I could choose to improve my knowledge of Python. But Rust was getting more and more popular in the areas of Windows I was tasked with protecting, so I need to learn what all the fuss is about with regards to memory safety.
If anyone is on a similar journey, let’s hold each other accountable in the comments! I will be sure to document any write-ups at blog.maxrenke.com (work in progress).
@hackinarticles@bird.makeup bird.makeup/users/hackin...
Pic of the Day
#infosec #cybersecurity #cybersecuritytips #pentesting #cybersecurityawareness #informationsecurity
New blog post! It's a rather short one, nothing crazy. Just wanted to share a random finding I made recently.
'Hijacking the Windows "MareBackup" Scheduled Task for Privilege Escalation'
An excellent and especially thorough list of bypasses available to just about any bad actor that can reach a shell on a misconfigured UNIX system.
(Thanks to one of my students, Susana, for sending this in)
Ok, so it's a pentera ad, but the research is sound. And yeah, 75 security products and still 67% biannual breach rate? Christ on a cracker.
https://thehackernews.com/2025/05/the-crowded-battle-key-insights-from.html?m=1
Nmap, Metasploit, Hydra, Mimikatz, Netcat: Overview & Uses
#CyberSecurity #PenTesting
#EthicalHacking
#Nmap
#Metasploit #Hydra
#Netcat
My favorite pentesting setup.
Today I'm setting up the #KaliLinux #Docker #container for my #ansible #playbook. This setup has some pretty cool advantages for me.
I can:
This has been my favorite #pentesting setup so far for obvious reasons. I can access a fully configured pentesting environment on all my devices, always accessible and ready to go.
In case anyone is interested in the setup, it will be included in my ansible playbook, which will be published on this repository.
AI-powered features are the new attack surface! Check out our new blog in which LMG Security’s Senior Penetration Tester Emily Gosney @baybedoll shares real-world strategies for testing AI-driven web apps against the latest prompt injection threats.
From content smuggling to prompt splitting, attackers are using natural language to manipulate AI systems. Learn the top techniques—and why your web app pen test must include prompt injection testing to defend against today’s AI-driven threats.
A recent report reveals that experts are leveraging the Mythic framework agent to enhance penetration testing, emphasizing proactive defense and the development of tailored tools to stay ahead of evolving cyber threats. #CyberSecurity #Pentesting
https://securelist.com/agent-for-mythic-c2-with-beacon-object-files/115259/
#Interrupt: Strong #FlipperZero competitor comes with #Linux and keyboard - Golem.de https://www.golem.de/news/interrupt-starker-flipper-zero-konkurrent-kommt-mit-linux-und-tastatur-2505-196028.html #PenTest #PenTesting #PenetrationTesting
We have found an interesting vulnerability in a #Matrix #Android client:
Software: #Element X Android
Affected Version: <= 25.04.1
CVE: CVE-2025-27599
CVSSv3.1: MEDIUM
Prerequisites: Clicking on a crafted hyperlink or using a malicious app
Since Element X Android usually has the permission to access camera and microphone, this can be used to record audio and video from the victim. Pretty bad!
Read more: https://herolab.usd.de/security-advisories/usd-2025-0010/
Who says that #AI isn't helping people in real-life situations?
Consider yourself a bad #hacker, breaking into a company #SharePoint server. With #Microsoft #CoPilot, you're able to determine recent #pentesting reports, plain text #passwords and other crucial information for your attack right away. As if you get direct help by an insider. Amazing.
If you find an interesting sensitive file you don't have reading permission for, you can ask CoPilot to show it to you, overriding all the #security permission measures. Even better: this is not even logged as a file access. No need to clean up afterward.
Exactly the software you will need for your work. #Pentester and attackers could not have asked for a better tool. Your victims will pay for this handy service themselves. Great to get that kind of important support by Microsoft.
Read about that on: https://www.pentestpartners.com/security-blog/exploiting-copilot-ai-for-sharepoint/
<script>alert(1)</script> - 403 Forbidden
<img src=x onerror=console.log(1)> - 403 Forbidden
<svg onload=print()> - 403 Forbidden
I've recently encountered a web application firewall in a pentest, blocking all my attempts to insert an XSS payload.
In such cases, I love to use the #PortSwigger cross-site scripting cheat sheet: https://portswigger.net/web-security/cross-site-scripting/cheat-sheet
I copied all payloads to the clipboard, pasted them into the Intruder's word list and hit the "Start attack" button.
Within seconds, I had a working proof of concept.
How do you use the XSS cheat sheet? I'm keen to know!
He Thought the App Was Safe… Until This Happened.
He downloaded the app. It looked polished. Smooth UI. Secure login. But under the hood…
As a pentester, I decided to take a peek.
So far, so good… right? Wrong.
I fired up my tools:
MobSF for static analysis
Burp Suite for traffic interception
Frida to hook runtime behavior
What I found shocked me.
Check the comments for the link to the full guide....