What's your favorite error in labs that took you hours to fix?
A few of my examples from this week:
- my VPN tunnel was silently dropping large packets (MTU)
- LinPEAS was screaming because /bin/sh is dash, not bash
- I killed my nmap scan trying to close a tmux pane
wrote it all up so you don't have to suffer the same way
also: netcat is just a pipe. that's it. people using nc -lvnp 4444 often seem to forget what nc really does.
→ https://niklas-heringer.com/skills-lab/linux-lab-pitfalls/
Pi Slate – A Raspberry Pi 5 handheld Linux cyberdeck with a 5-inch 1920×720 touchscreen display
We previously wrote about Carbon’s CyberT, a Blackberry-style Raspberry Pi CM4 handheld Linux cyberdeck designed for Kali Linux and penetration testing. The company, now operating under the CyberArch/Carbon Computers brand, has introduced the Pi Slate, a more powerful handheld cyberdeck designed for portable computing and security-focused applications. Built around the Raspberry Pi 5, the Pi Slate integrates a 5-inch 1920×720 touchscreen, a backlit RGB keyboard with an integrated cursor, and a 10,000 mAh battery for 3–5 hours of portable use in a compact enclosure. It supports modular expansion for HATs such as LoRa, SDR, AI accelerators, and M.2 storage, and includes cooling support, antenna mounts, and an optional modular back with a kickstand. It targets penetration testers, IT professionals, and field technicians needing a compact, preconfigured system for cybersecurity and field work. Pi Slate specifications: SBC – Raspberry Pi 5 with 2GB, 4GB, 8GB, or 16GB LPDDR4X RAM options Storage
Persistence on Windows
There are various ways hackers maintain persistence on Windows machines. Here is Part 1. Helpful for both red and blue teams, as we still occasionally see teams struggle to detect these techniques
https://hackers-arise.com/advanced-windows-persistence-part-1-remaining-inside-the-windows-target/
#cybersecurity #pentesting #windows
Pentesters often use browser extensions because they keep testing close to the web app—making it easier to inspect cookies, tweak traffic, and catch client-side issues without constantly switching tools
Here are useful browser extensions for pentesting 😎👇
Find high-res pdf ebooks with all my cybersecurity related infographics at https://study-notes.org
#pentesting #cybersecurity #hackingtools #learnhacking #ethicalhacker
3/3
🏥 Mich lässt das mit anderen Augen auf unsere Klinik-Infrastruktur schauen.
Wie viele Windows-Dienstkonten laufen dort mit Domain-Rechten – und wie viele wären bei einem kompromittierten Server sofort exponiert?
#ITSecurity #CyberSecurity #Windows #MedizinischeIT #Pentesting #Weiterbildung
CVE-2026-41940 was exploited for 64 days before a patch existed. First attack: Feb 23. Advisory: Apr 28.
After disclosure, 15,448 cPanel hosts in malicious activity on May 1 alone. Ransomware and a Mirai botnet running in parallel. CVSS 9.8. CISA KEV.
We built a free scanner. No account needed.
🚨 Annual pentests aren’t enough anymore.
Cyber threats evolve daily—your security testing should too.
Benefits of Continuous Penetration Testing:
• Real-time vulnerability detection
• Reduced attack surface
• Ongoing security validation
• Better compliance readiness
Learn more: https://www.vaptsecurity.com/blog/
DNS attacks go after weaknesses in the Domain Name System — one of the internet’s core components — to disrupt services or redirect traffic, which is why DNS remains a high-value target for attackers 😎👇
Find high-res pdf ebooks with all my cybersecurity infographics at https://study-notes.org
Niklas Heringer
cnx-software.com [Unofficial]
hackers-arise.official
dan_nanni
Chema Alonso 
Der Radiologe 🏳️🌈
pentest-tools.com
RootShell
Nathan Labs