EvilTokens Phishing Service Fuels Large-Scale Microsoft 365 Account Takeover Campaign
EvilTokens Phishing Service Fuels Large-Scale Microsoft 365 Account Takeover Campaign Post Views: 31 (adsbygoogle = window.adsbygoogle || []).push({}); Join our Patreon Channel and Gain access to 70+ Exclusive Walkthrough Videos. Reading Time: 3 Minutes Large-Scale Device Code Phishing Campaign Targets Microsoft...
Top 3 Distroless Image Alternatives
Explore Distroless image alternatives like Echo, Alpine Linux, and Red Hat UBI to boost security, reduce vulnerabilities, and streamline DevSecOps IT workflows. Top 3 Distroless Image Alternatives first appeared on Black Hat Ethical Hacking.
MSSQLand – Lightweight MS-SQL Interaction Tool for Lateral Movement and Post-Exploitation
MSSQLand enables red teams to interact with MS-SQL servers and linked instances in restricted environments without complex T-SQL queries. Assembly-ready tool for lateral movement.
mstfknn/tor-proxy
A Dockerized Tor proxy server that routes internet traffic through the Tor network via a SOCKS5 proxy with DNS support. Offers multiple image variants including Debian and Alpine for minimal footprint. Supports bridge protocols (obfs4, meek, snowflake) for circumventing network censorship, exit node
jivoi/awesome-osint
Awesome OSINT is a comprehensive curated list of open source intelligence tools and resources for cybersecurity professionals, threat hunters, and intelligence analysts. It covers 40+ categories including search engines, data breach databases, social media investigation, domain and IP analysis, geos
olafhartong/ThreatHunting
ThreatHunting is a Splunk application that provides structured threat hunting guidance mapped to the MITRE ATT&CK framework. It includes over 130 pre-built reports and multiple dashboards to help security teams identify suspicious activity within their environments. The app leverages Sysmon telemetr
favonia/cloudflare-ddns
A small, feature-rich, and robust Cloudflare DDNS updater written in Go. It automatically detects your public IP addresses and updates Cloudflare DNS records via the API. Supports both IPv4 (A) and IPv6 (AAAA) records, wildcard domains, internationalized domain names, and per-domain proxy toggling.
oxylabs/free-proxy-list
Free Proxy List by Oxylabs provides free datacenter proxies with United States IP addresses for developers and testers. It offers HTTP, HTTPS, and SOCKS5 proxy protocols with automatic IP rotation through 5 US-based IP addresses. Each account gets 20 concurrent sessions and 5GB of monthly traffic at
Credential Stuffing in 2025 – How Combolists, Infostealers and Account Takeover Became an Industry
Credential stuffing drove 22% of all breaches in 2025. How combolists, infostealers and ATO tooling are fuelling enterprise account takeover at scale
Attackers Impersonate IT Support on Microsoft Teams to Deploy A0Backdoor Malware
Attackers Impersonate IT Support on Microsoft Teams to Deploy A0Backdoor Malware Post Views: 86 (adsbygoogle = window.adsbygoogle || []).push({}); Join our Patreon Channel and Gain access to 70+ Exclusive Walkthrough Videos. Reading Time: 3 Minutes Hackers Use Microsoft Teams to Trick Employees Into Granting Remote...
DumpBrowserSecrets – Browser Credential Harvesting with App-Bound Encryption Bypass
DumpBrowserSecrets extracts saved passwords, cookies, OAuth tokens and autofill data from Chrome, Edge, Firefox, Opera and Vivaldi, bypassing App-Bound Encryption via Early Bird APC injection.
State-Sponsored Attack Hijacks Notepad++ Update Infrastructure to Deliver Malware
State-Sponsored Attack Hijacks Notepad++ Update Infrastructure to Deliver Malware Post Views: 102 (adsbygoogle = window.adsbygoogle || []).push({}); Join our Patreon Channel and Gain access to 70+ Exclusive Walkthrough Videos. Reading Time: 3 Minutes State-Sponsored Attack Hijacked Notepad++ Update Infrastructure...
Offensive Security Tool: D0rkerR3con Framework
D0rkerR3con Framework is an offensive reconnaissance toolkit designed to identify exposed files, secrets, administrative panels, backups, and misconfigurations by launching weaponized Google Dorks per domain. Offensive Security Tool: D0rkerR3con Framework first appeared on Black Hat Ethical Hacking.
Systemic Ransomware Events in 2025 – How Jaguar Land Rover Showed What a Category 3 Supply Chain Breach Looks Like
Systemic ransomware events in 2025, how Jaguar Land Rover’s shutdown exposed Category 3 supply chain risk, with lessons from Toyota, Nissan and Ferrari.
SmbCrawler – SMB Share Discovery and Secret-Hunting
SmbCrawler is a credentialed SMB share crawler for red teams that discovers misconfigured shares and hunts secrets across Windows networks.