Data breach revealed,
Malware lurks, silent, stealthy -
OSINT tracks the thread.

URLs I post may contain malware – be careful and check yourself before running anything.

Website: https://r1cksec.de
Github: https://github.com/r1cksec
Twitter: https://twitter.com/r1cksec
BlueSky: https://bsky.app/profile/r1cksec.bsky.social

GitHub - vanhoefm/airsnitch: Generalized Wi-Fi Client Isolation Bypasses

This ASPX web shell enables execution of Beacon Object Files (BOFs) on a target server using a semi-interactive Python client.

https://github.com/epotseluevskaya/ASPX_WebShell_COFFLoader

#infosec #cybersecurity #redteam #pentest #web

A post about identifying key areas of Configuration Manager (SCCM) infrastructure that defenders can implement for deception solutions

https://specterops.io/blog/2026/02/19/mapping-deception-solutions-with-bloodhound-opengraph-configuration-manager

#infosec #cybersecurity #redteam #blueteam #windows #dfir

Mapping Deception Solutions With BloodHound OpenGraph – Configuration Manager

Deception and canary development implemented in SCCM can be used to alert upon cyber attacks and intrusions. This blog provides step by step guidance to implement deception solutions and use BloodHound OpenGraph for planning.

Opening a file in GNU Emacs can trigger arbitrary code execution through version control (git), most requiring zero user interaction beyond the file open itself.

https://github.com/califio/publications/blob/main/MADBugs/vim-vs-emacs-vs-claude/Emacs.md

#infosec #cybersecurity #redteam #pentest #ai #emacs #claude

Vim tabpanel modeline escape affects Vim < 9.2.0272

Date: 30.03.2026; Severity: High; CVE: *not-yet-assigned*; CWE: Improper Neutralization of ...

Extract Windows credentials directly from VM memory snapshots and virtual disks

https://github.com/nikaiw/VMkatz

#infosec #cybersecurity #redteam #pentest #windows #opensource

Default TLS Exclusions for Palo Alto Networks Firewalls - panw-exclusions.json (Gist)

This repo contains the design plan and runbook for using Claude Code to search for Java Deserialization Gadget chains.

https://github.com/atredispartners/llmchainhunter

#infosec #cybersecurity #redteam #pentest #ai #llm #opensource

A project that loads .NET assemblies into memory within an IIS environment running in full‑trust mode. It uses reflective loading techniques to inject inside the memory space of the w3wp.exe worker pool process

https://github.com/zux0x3a/Phantom

#infosec #cybersecurity #redteam #pentest #windows