Aditya

@adityatelange
58 Followers
45 Following
375 Posts
Hacker ⚡ Developer
Websitehttps://adityatelange.in
Githubhttps://github.com/adityatelange
Aditya4d ago

One Year with evil-winrm-py - A Retrospective

https://adityatelange.in/blog/evil-winrm-py/

#pentesting #cybersecurity #winrm #python #foss #github

One Year with evil-winrm-py - A Retrospective

A retrospective on the development and impact of evil-winrm-py, a Python implementation of the popular evil-winrm tool for Windows Remote Management.

Aditya Telange
Aditya6d ago

A ton of improvements added to #papermod

https://github.com/adityatelange/hugo-PaperMod/commits/master/?since=2026-04-11&until=2026-04-12

Commits · adityatelange/hugo-PaperMod

A fast, clean, responsive Hugo theme. Contribute to adityatelange/hugo-PaperMod development by creating an account on GitHub.

GitHub
AdityaApr 7

The best #android security inspection tool - duck detector is open sourced.

https://github.com/eltavine/Duck-Detector-Refactoring

#foss #android #security

GitHub - eltavine/Duck-Detector-Refactoring

Contribute to eltavine/Duck-Detector-Refactoring development by creating an account on GitHub.

GitHub
AdityaApr 2

NearbyShare/QuickShare for Linux and MacOS

Really nice tool for Quick Share from #linux to #android devices and vice versa.

https://github.com/Martichou/rquickshare

#filetransfer #quickshare #foss

AdityaApr 2
#cybersecurity
AdityaMar 31

https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan

#npm #supplychainsecurity

axios Compromised on npm - Malicious Versions Drop Remote Access Trojan - StepSecurity

Hijacked maintainer account used to publish poisoned axios releases including 1.14.1 and 0.30.4. The attacker injected a hidden dependency that drops a cross platform RAT. We are actively investigating and will update this post with a full technical analysis.

AdityaMar 30
Kali LinuxMar 30

Kali Linux 2026.1 Release (2026 Theme & BackTrack Mode)

https://www.kali.org/blog/kali-linux-2026-1-release/

AdityaMar 30
Rubén Santos GarcíaMar 29
OAuth account takeover doesn't need leaked tokens. No state param = CSRF to forced account linking. Loose redirect_uri matching = code theft via open redirect chains. Implicit flow puts tokens in browser history and Referer headers. PKCE bypass when not enforced server-side. SSRF via OpenID dynamic client registration. Six patterns, all with labs. https://www.kayssel.com/newsletter/issue-43/ #OAuth #BugBounty #Pentesting #websecurity #Offsec #InfoSec
OAuth 2.0: Six Ways the Authorization Flow Breaks

Missing state CSRF, redirect_uri hijacking, open redirect code theft, implicit flow token leakage, PKCE bypass, and SSRF via OpenID dynamic client registration

Kayssel
AdityaMar 27

https://helium.computer/

#browser #foss

Helium Browser

The web browser made for people, with love. Best privacy by default, unbiased ad-blocking, no bloat and no noise. Fully open source.

AdityaMar 25

🚀 evil-winrm-py v1.6.0 is out!

New commands:
• runexe → upload & exec local EXEs (with args)
• loaddll → load remote DLL as PS module
• services → list non-system services

Plus better tab completion for PS cmdlets, multi-encoding support, and more.

https://github.com/adityatelange/evil-winrm-py/releases/tag/v1.6.0

#Pentest #WinRM #RedTeam

Release v1.6.0 · adityatelange/evil-winrm-py

This release introduces new commands for interacting with the remote host, including runexe, loaddll, and services. It also brings significant improvements to the interactive shell, such as enhance...

GitHub