Evolve or Die!
Head of Vuln Research Lab at CUJO AI
Volunteer at IoTVillage
Hackersuli Meetup
Hacktivity
tfr
twitter: twitter.com/zh4ck
blog: https://httpscolonforwardslashforwardslashwwwdotzoltanbalazsdotcom.com/
github: https://github.com/Z6543
ENS: zh4ck.eth
Supply chain attack on eScan antivirus

https://securelist.com/escan-supply-chain-attack/118688/

A threat that many people have warned about for a long time. A bit ironic to read this on Kaspersky's site...

h/t @zh4ck
Supply chain attack on eScan antivirus: detecting and remediating malicious updates

On January 20, Kaspersky solutions detected malware used in eScan antivirus supply chain attack. In this article we provide available information on the threat: indicators of compromise, threat hunting and mitigating tips, etc.

Kaspersky
When your DDoS tool is so bad people leave negative reviews on TrustPilot.

Do LLMs actually help hackers reverse engineer and understand the software they want to exploit?

We ran the first fine-grained human study of LLMs + reverse engineering.
To appear at NDSS 2026.

Interested? Some quick findings in 🧵👇
Paper: https://www.zionbasque.com/files/papers/dec-synergy-study.pdf

THC Release 💥: The world's largest IP<>Domain database: https://ip.thc.org

All forward and reverse IPs, all CNAMES and all subdomains of every domain. For free.

Updated monthly.

Try: curl https://ip.thc.org/1.1.1.1

Raw data: https://ip.thc.org/docs/bulk-data-access

(The fine work of messede 👌)

What does everyone think? Need feedback before release tomorrow :)

Just got back from the computer amusement park. I really liked the vector trampolines but my favourite ride was probably the nop slide
#campplusplus this year is, again, fabulous. Highly recommended to attend.

i never got to meet any of the sysadmins or network folks at all. i was kept in a bullpen style office with 2 other guys and all we did all day was password resets, cable punchdown work, and replacing keyboards. tons of websites were blocked and they blocked outbound ssh as well.

but being an enterprising young nerd with a redhat box at home, i decided to run telnet on port 80 to see if i could squeak past their shortsighted ruleset, and it totally worked

New CVSS perfect 10 logo.