Time for another live online event! We're hosting a one-day #DEFCON China Party. Join us 3/20 for a custom XRspace VR environment and a full day of DC...

我发现 Windows 10 至少在 20H2 v2 之后默认带的就是新 Edge 了。而且在新 Edge 的“应用”里默认把 Office 全家桶都装上了。新 Edge 的“应用”是类似 HTML5 小程序的概念，而且和系统开始菜单集成。不论网站支不支持 PWA 都可以作为“应用”安装。Google 这得多憋屈啊……

《通达 OA 11.7 有条件的任意命令执行》作者：LoRexxar'@知道创宇404实验室网页链接这是一个由有条件的任意用户登录+低权限文件上传+低权限目录穿越+低权限文件包含组成。可能是盯着国内OA的人太多了，这个漏洞在2020年9月28号的11.8版本中被更新修复，比较可惜的是，一次更新修复了全 ...全文

New XSS challenge by @SecurityMB

We've expanded our Process Injection technique collection. Papers on APC Queue abuse / injection by @modexpblog, @spotheplanet, 3xpl01tc0d3r, and CIA/...

Re @THB_STX @AnubisOnSec @shade_nyc

我觉得不好的事情少发生是美好的，有的人觉得出事了有责任人分清了对错就是美好的

Re @ykco_z 🌚能不能给apt留点面子

Re @orange_8361 exchange 🌝?

君子不立于危墙之下是君子不立于危墙之下，危房改造是危房改造。君子不立于危墙之下和危房改造是不矛盾的。是不是有点啰嗦？我也觉得有点啰嗦。但就这么简单到说出来都觉得罗嗦的道理，大批的人不愿意想明白。

有的司机即便拉了去西四环的活儿也对管理员说“去酒仙桥”。还是得有系统把这事儿给监管起来。

RT Nikita Kronenberg: When I’m running errands, messy bun getting it done, I take my mask off in the car. This prevents me from putting it on surface...

The choices are: Cryptonomicon - Neal Stephenson AntiAmerica - TK Falco Rogue Code - Mark Russinovich Blackout - Mark Elsberg Stealing the Network - v...

RT car夫car: Got my #badgelife out of storage today. About halfway done getting the my office ready. @ANDnXOR @CypherCon @hackaday @CarHackVillage @Cr...

不需要专用接口，高压线是裸露的，可以直接搭线取电。我问过相关专业的人，可行：网页链接 //@文光围脖1:好主意

#蚂蚁呀嘿视频大赛##信息安全##隐私保护##ai换脸技术# 听说最近爆火的“蚂蚁呀嘿”生产软件 Avatarify 因为隐私安全问题已经从 App Store 下架了？ 果然是《前“ZAO”不忘，“蚂蚁呀嘿”之师》前“ZAO”不忘，“蚂蚁呀嘿”之师 GeekPwn的微博视频

丧心病狂//@安全_云舒:我看着我孩子，就像看着小时候的自己。这位烈士妈妈，如果有孙子孙女，看着他们就会像看着自己儿子小时候，也算是一点抚慰。

RT MrR3b00t | it's safe just don't go outside: I earned a badge from Zero-Point Security!

Pillager - Filesystems For Sensitive Information With Go

Fake-Sms - A Simple Command Line Tool Using Which You Can Skip Phone Number Based SMS Verification By Using A Temporary Phone Number That Acts Like A ...

办公室恋情进阶指南，供单身狗们参考。

Microsoft would like to thank our industry colleagues at Volexity and Dubex for reporting different parts of the attack chain and their collaboration ...

Today, we released several security updates for Microsoft Exchange Server to address vulnerabilities under limited, targeted attacks. We recommend cus...

Re @l0gicbreaker @LaxmanMuthiyah We manage our own bounty programs from Azure to Office and Xbox. check out

Re @ghidraninja that's right, I heard aleph one makes some designer rop chains, gotta hit him up.

My rap name is "Lil Endian".

Hafnium 4:08EST

"X Window System virus warning! This joke notice from 30? years ago describes X Window as a virus that escaped from MIT and infected DEC", courtesy of...

Re @LaxmanMuthiyah Thanks so much for sharing your research!  Well done.

Sick one, Congrats!

Re @Ynoof5 Thanks, appreciate it!

The patch release of this BIG ONE is coming soon, and a short advisory is also standing by! (BTW, no one guess the right target in comments😛)

csh98036 has started a poll on the forums for the next Book Club - interested? Go vote!

Sometimes, the answer does not exist... literally! Try using null values or empty arrays to bypass back-end logic. Thanks for the great #BugBountyTip,...

We may on occasion share news about leaks. vx-underground does not distribute leaks or "hacked content". Please do not contact us asking for leaked ma...

Re @hogarth45_ Hi Jesse - thanks for the suggestion. We'll discuss this with the dev team to see if its something we might be able to add as a feature...

联想、四通、方正，上古 IT 企业名字都是一板一眼的。到了百度、阿里、腾讯，增加了一点洋气，但也不失正经。再之后就是蚂蚁金服、小桔科技、三快科技、字节跳动、哔哩哔哩……

Gatekeeper - First Open-Source DDoS Protection System

Re @krizzsk Appreciate it, my friend! 🙂

Re @rst10124492 Of course people do not do that to spite me. They are not even aware. But if what I'm saying had no sense, it would be impossible to t...

应该给蔡英文点一首 Beyond 的《黑凤梨》。

OWASP ASST (Automated Software Security Toolkit) - A Novel Open Source Web Security Scanner

多好，现学js现写插件。

以“女昏马户”这个词为代表的话语体系和以“内卷”这个词为代表的话语体系几乎是同时开始流行的。

四手同切一蛋糕，四人共享两头发

看到“好嫁风”三个字就嗷了起来，回头看到电视剧准得疯。那个剧是根据漫画《涩女郎》改编的。2002 年拍过一版，宋轶的角色在那一版里是刘若英演的，外号叫“结婚狂”。看这三个字就能想像人物性格了。“结婚狂”“结婚狂”“结婚狂”

[黑(锅)鸡汤]“不忘初心”也需要“难得糊涂”，所以不用纠结是不是开了美颜或者是不是纯天然了！

RT Jake Miller: Just when you thought JSON was the one thing you could trust. My latest research on JSON interoperability vulnerabilities highlights t...

因为这不是他研究的。内容抄自《回顾与思考——1950 年代中苏军事关系若干问题》网页链接  //@胡萝卜怎么了: 这导演谁啊，研究的这么透彻，还这么冷门//@tombkeeper:总算知道博古、李德那套“御敌于国门之外”是从哪儿学来的了。//@安全_云舒:这个有点意思。//@来去之间://@歌唱生活:

总算知道博古、李德那套“御敌于国门之外”是从哪儿学来的了。//@安全_云舒:这个有点意思。//@来去之间://@歌唱生活:

#RedTips Bypass Av Dump lsass.exe Example: createdump.exe -u -f  xxx.dump  pid powershell -c .\createdump.exe -u -f lsass.dmp (Get-Process lsass).id ....

RT bopin: I found a new trick that could dump lsass process memory with createdump.exe .NET5. If you look at .NET5,even .NET6 preview 1,It's nothing d...

Immunity Inc's CANVAS Exploit Pack, containing 800+ 1days is on RaidForums. This is where you'll find the weaponized Spectre exploit. It was shared Fe...

RT miss jackalope: Don't forget this is still a thing!

RT cje: so i did a little nesting over the weekend... wifey had the brilliant idea of using blu-tack instead of "stickering" #virtualstickerswap  gree...

想想长宁劳动监察大队的监察结果(不存在的) //@安全_云舒 :关注。//@红茶魔术猫 :“杭州也一国两制就好了”//@装甲北极白熊 :？//@在下黄昏鸟 ://@Cato_Maior :啧啧啧//@重治 ://@带奈桐叶 :有人民富豪，自然也有为人民富豪服务的人民家丁嘛//@千语之风 ://@爱因兹贝伦RCS : 转发微博

CornerShot - Amplify Network Visibility From Multiple POV Of Other Hosts

Re @0x0elshamy الله يبارك فيك ، تقدر تشوف كورس  @Zigoo0 علي اليوتيوب وهتستفاد كتير  واتمنى لك ...

BRAVE: The browser that rethinks the web: load pages 3x to 6x faster then opera and chrome, block ads & trackers that follow you around, unparalleled ...

Halogen - Automatically Create YARA Rules From Malicious Documents

Re @burhan__xd Awesome work!

Today is world compliment day! Which hacker deserves your compliments? Let us know!👇

This person is vx-underground certified. He is the real deal.

A few study notes on bootloaders.

I would really like if people stopped to list my name when thanking for "great content" along with people who talked sh*t about me. It annoys me every...

Re @CurseRed 😂😂

RT Yan: “They’re parsing JSON. A whopping 10 megabytes worth of JSON with some 63k item entries.”

Re @jaredhaight I saw your Tweet about PowerToys - never heard of it before so gave it a look.  Love the Markdown preview in Explorer.

RT Melvin langvik: Thanks to everyone who joined in yesterday, had a blast! If you missed it, you can watch the recording here

Re @digininja Thanks for the screenshot, that helps! Is this something you'd just want to see in the Raw view for requests that don't have a Pretty mo...

据说当年雍正上台后，把老九改名为塞思黑。外媒评论：任天堂《塞尔达传说》系列35年，居然没有黑人公主？

G社的礼物真是折腾，快四个月才收到

RT Shatter: Very strong @defcon vibes going on here.

RT InfoCon: While adding new updates to the

Re @infoseccomm @seqrity9 Thanks for the feedback, we've passed that on so we can have a look into how the extension list could be displayed to help y...

Re @int0x21h Hi! What we can help with? -

Re @agarri_fr We've associated this thread with our ongoing feature request to support the renewal of Lets Encrypt certificates. Unfortunately, this i...

真牛，果然是一个文件，全平台运行

OpenWifiPass - An Open Source Implementation Of Apple's Wi-Fi Password Sharing Protocol In Python

StandIn - A Small .NET35/45 AD Post-Exploitation Toolkit

A payload to detect incognito mode in Chromium, by @RenwaX23

Re @intigriti 0221 challenge writeups: @CmdEngineer_ :  @davwwwx:  Ilja Sirosh:  @0xkasper:  @spooky360:

Imperva WAF bypass payload by @0xInfection  <a/href="j%0A%0Davascript:{var{3:s,2:h,5:a,0:v,4:n,1:e}='earltv'}[self][0][v+a+e+s](e+s+v+h+n)(/infected/....

Re @bishal0x01 @Bugcrowd That looks like already in use because cart says "Domain Broker Service" as commission fees to get it from owner.

迷信 改运

Re @d35hax @modexpblog

RT d35ha: Recently, I've decided to refactor my old projects, here is the first one, CallObfuscator [

最近美团怎么回事。。。准时保应该赔惨了吧。。。

《SaltStack 远程执行代码多个高危漏洞透析（CVE-2021-252812528225283）》作者： 1mperio@云鼎实验室网页链接北京时间2月26日凌晨3点，SaltStack官方发布高危漏洞风险通告，包含CVE-2021-25281、25282、25283……

回复@堇芨: 网页链接 //@堇芨:我猜你是妹子//@tombkeeper:恰恰相反。荷兰有一项研究回顾了 11 篇相关论文，结论是：健康男性怎么尿都行，但有前列腺疾病的人坐着可以尿得更干净。//@堇芨:身体结构导致坐着会尿不干净，一看你就是拍脑袋发言哈哈

恰恰相反。荷兰有一项研究回顾了 11 篇相关论文，结论是：健康男性怎么尿都行，但有前列腺疾病的人坐着可以尿得更干净。//@堇芨:身体结构导致坐着会尿不干净，一看你就是拍脑袋发言哈哈

想问题的时候，“大概一想”是最爽的，又轻松，又快乐。如果仔细想，一来费脑子，二来可能会发现一开始想错了。又不轻松，又不快乐。

早年美国总统都是3月4号就职。后来感觉和大选出结果的时间差太远才改到1月20。//@邢立达:有意思……看新闻是“特朗普会在今年3月4日就职成为美国总统”，为啥是4号？

Re @Ed_Geraghty No ☹️

Re @Ed_Geraghty 4% 👀

Next week: -Continue expanding the Process Injection collection -Additions to the VXUG Threat Collection page -More papers && Thank you to our recent ...

ScareCrow - Payload Creation Framework Designed Around EDR Bypass

WdToggle - A Beacon Object File (BOF) For Cobalt Strike Which Uses Direct System Calls To Enable WDigest Credential Caching

RT Melvin langvik: Going live in ~2 hours, some c# hackery and 🍻