FreshRSS

/r/netsec - Information Security News & Discussion

OverTheWire Bandit: a complete walkthrough with in-depth explanations

By: /u/shelltief — February 8th 2026 at 14:50

Hey,

A couple of years ago I wrote solutions for the OverTheWire Bandit wargame. Recently, while reorganizing my documentation, I revisited that material and decided to properly clean it up and restructure it into a single, coherent walkthrough. This isn’t a formal course, it’s a complete Bandit walkthrough with in-depth explanations, written to extract as much understanding as possible from each level, not just to get the flag.

For every level, I included:

  • hints and spoiler warnings, so you can try before reading the solution
  • intermediate reasoning when it makes sense
  • links to official documentation and primary sources

The intent was to make this usable by someone starting from zero, but also detailed enough that you can finish Bandit feeling like you’ve actually milked it for all the knowledge it has to offer. Commands, patterns, and underlying UNIX concepts.

This is probably most useful if you:

  • are new to CTFs or system/security basics
  • want to understand what you’re doing instead of copying commands
  • plan to move on to harder OverTheWire games later

And to be fair, I think that even people that are more used to working with UNIX might actually learn a thing or two from these.

submitted by /u/shelltief

Defense Evasion: The Service Run Failed Successfully

By: /u/Cold-Dinosaur — February 8th 2026 at 14:21

You can exploit the Service Failure Recovery feature of Windows Service to execute a payload without ever touching the ImagePath. The biggest issue when exploiting Service Failure Recovery to execute a payload is figuring out how to trigger a "crash".

submitted by /u/Cold-Dinosaur

Cloud Deception Management Platform (Open-source Cloud Canaries)

By: /u/John_Earle — February 7th 2026 at 19:20

Hi folks, I wanted to share a project of mine and get some feedback from the community.

Coalmine is a canary management platform I've built to let security admins deploy canary tokens (and objects) easily in their cloud environments.

Currently it's early alpha and supports S3, GCS, AWS IAM, and GCP Service accounts.

The tool provides a web UI, CLI and API, allowing you to integrate it with your custom tooling (when it's production ready).

Example use for API: have your CI/CD pipelines request a canary token to embed in code, so you can identify when the source has been exposed and attackers are testing credentials.

Coalmine - GitHub

submitted by /u/John_Earle

New OSS secret scanner: Kingfisher (Rust) validates exposed creds + maps permissions

By: /u/micksmix — February 7th 2026 at 18:18

Disclosure: I’m the author/maintainer of Kingfisher.

Kingfisher is an Apache-2.0 OSS secret scanner built in Rust that combines Hyperscan (SIMD regex) with tree-sitter parsing to improve context/accuracy, and it can validate detected creds in real time against provider APIs so you can prioritize active leaks. It’s designed to run entirely on-prem so secrets don’t get shipped to a third-party service.

Core Features

  • Hundreds of built-in rules (AI APIs, cloud providers, databases, DevOps tools)
  • Live validation against third-party APIs confirms credentials are active
  • Direct revocation of leaked creds: kingfisher revoke --rule github "ghp_..."
  • Can scan for secrets locally, github, gitlab, azure repos, bitbucket, gitea, hugging face, s3, gcs, docker, jira, confluence, slack
  • Built-in local-only HTML findings viewer: kingfisher scan /tmp --view-report
  • Blast Radius mapping to show what a credential could actually access: kingfisher scan /tmp --access-map --view-report

Scan Targets

  • Git repos (full history), GitHub/GitLab/Azure Repos/Bitbucket/Gitea/Hugging Face orgs
  • AWS S3, GCS, Docker images, Jira, Confluence, Slack

Try It

  • brew install kingfisher or uv tool install kingfisher-bin
  • github.com/mongodb/kingfisher

Apache 2 Open-Source

submitted by /u/micksmix

trappsec: open source framework for API deception

By: /u/nikhil-salgaonkar — February 7th 2026 at 14:59

I've just released trappsec v0.1 - an experimental open-source framework that helps developers detect attackers who probe API business logic. By embedding realistic decoy routes and honey fields that are difficult to distinguish from real API constructs, attackers are nudged to authenticate — converting reconnaissance into actionable security telemetry.

submitted by /u/nikhil-salgaonkar

crypto-scanner: Open-source CLI tool to find quantum-vulnerable cryptography in your codebase

By: /u/MindlessConclusion42 — February 7th 2026 at 01:41

Hey r/netsec,

I built an open-source tool called crypto-scanner that scans codebases for cryptographic usage and flags algorithms vulnerable to quantum computing attacks.

What it does:

  • Scans source code (Python, JS/TS, Java, Go, Rust, C/C++, and more)
  • Parses X.509 certificates and config files (YAML, JSON, ENV, INI)
  • 4-tier risk classification: Critical (quantum-vulnerable), High (deprecated), Medium (monitor), Low (adequate)
  • Outputs JSON for CI/CD automation or styled HTML reports
  • Works as a pre-commit hook or GitHub Action

Why I built it:

NIST finalized post-quantum cryptography standards in 2024, and organizations need to start inventorying their cryptographic assets before migrating. Most teams have no idea what algorithms are actually running in their codebases. This tool gives you that visibility.

Install:

pip install crypto-scanner
crypto-scanner scan /path/to/project --html --output report.html

GitHub: https://github.com/mbennett-labs/crypto-scanner
PyPI: https://pypi.org/project/crypto-scanner/

MIT licensed. Python 3.10+. Feedback and contributions welcome.

Would love to hear what you find when you run it on your projects.

submitted by /u/MindlessConclusion42

Tool: AST-based security scanner for AI-generated code (MCP server)

By: /u/NoButterfly9145 — February 6th 2026 at 16:25

Released an open-source security scanner designed for AI coding agent workflows.

Problem: AI assistants generate code with OWASP Top 10 vulnerabilities at alarming rates. They also "hallucinate" package names that could be registered by attackers.

Solution: MCP server that integrates with AI coding tools (Claude, Cursor, etc.) for real-time scanning.

Technical details:

- tree-sitter AST parsing for accurate detection (not just regex)

- Taint analysis for tracking user input to dangerous sinks

- 275+ rules covering: SQLi, XSS, command injection, SSRF, XXE, insecure deserialization, hardcoded secrets, weak crypto

- Package verification via bloom filters (4.3M packages, 7 ecosystems)

- Prompt injection detection for AI agent security

- CWE/OWASP metadata for compliance

Languages: Python, JavaScript/TypeScript, Java, Go, Ruby, PHP, C/C++, Rust, C#, Terraform, Kubernetes

No cloud dependencies - runs entirely local.

npx agent-security-scanner-mcp init

Feedback welcome, especially on rule coverage gaps.

submitted by /u/NoButterfly9145

Hacking a cheap Wi-Fi toy drone

By: /u/fhackdroid — February 6th 2026 at 07:10

I took apart a cheap Chinese toy drone (A17) and reverse-engineered how it works.

The drone exposes a Wi-Fi AP, the app sends raw UDP packets, and there’s no encryption. I decoded the control protocol and flew it using Python.

submitted by /u/fhackdroid

I reversed Tower of Fantasy's kernel anti-cheat driver while waiting for the game to install. It's a full BYOVD toolkit that's never even loaded.

By: /u/RadioactiveBlanket — February 6th 2026 at 01:28

Found arbitrary process termination that bypasses PPL (can kill any process on the system, including EDR/AV) and arbitrary process protection via ObRegisterCallbacks, all behind 4 layers of trivial authentication. It's a full BYOVD toolkit similar to the mhyprot2 situation from Genshin Impact that was also used by ransomware groups.

The best part is that the driver ships with every install and is never even loaded by the game.

Full PoC: https://github.com/svespalec/TowerOfFlaws

submitted by /u/RadioactiveBlanket

Sentience, Allegedly

By: /u/RMunizIII — February 6th 2026 at 00:10

Last week, AI agents founded a lobster religion, started a drug trade (prompt injections), and began hiring humans to do physical tasks they can’t perform themselves.

If your feed told you this was an “AI awakening,” I get it. The screenshots were spooky on purpose.

I wrote a longform explainer on what actually happened with Moltbook and OpenClaw and why this wasn’t sentience or takeoff.

What we’re really seeing is something more mundane and more important: agents with memory and tools dropped into a social environment, stress-testing coordination, incentives, and security in public.

If you’ve been confused, alarmed, or just fascinated by the last week of AI discourse, this is my attempt to separate signal from projection (with a lobster church along the way).

submitted by /u/RMunizIII

Yara-X + PacketSmith Detection Module

By: /u/MFMokbel — February 5th 2026 at 13:18

Version 5 of PacketSmith, codenamed Pinus strobus, is the result of extensive R&D to add unique, unparalleled features that matter to network detection engineers, SoC analysts, and malware and vulnerability researchers. In this release, we’re showcasing a very powerful new feature in PacketSmith: the integration of Yara-X, a state-of-the-art scanning engine and pattern-matching library.

submitted by /u/MFMokbel

New CentOS UAF to LPE vulnerability

By: /u/SSDisclosure — February 5th 2026 at 09:32

A flaw that exists within the handling of sch_cake can allow a local user under the CentOS 9 operating system to trigger a use-after-free. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root.

submitted by /u/SSDisclosure

Julius - Open Source LLM Service Fingerprinting Tool

By: /u/Praetorian_Security — February 4th 2026 at 21:47

Made a thing. Julius fingerprints LLM services - point it at a target and it tells you if you're looking at Ollama, vLLM, LiteLLM, etc. Single binary, JSON output, works nicely in recon pipelines.

What it does:

submitted by /u/Praetorian_Security

OpenClaw (aka Clawdbot) gives malicious websites access to session cookies

By: /u/Prior-Penalty — February 2nd 2026 at 19:37

A recently-patched OpenClaw vulnerability allowed attackers to use malicious websites to steal session credentials from other browser tabs. The heart of the problem was a websocket service for orchestrating Chrome which accepted connections without authentication, including connections from JavaScript running in the user's browser.

OpenClaw users are encouraged to patch ASAP, and to use caution where and how they deploy it, given its ongoing security issues and security architecture concerns.

submitted by /u/Prior-Penalty

r/netsec monthly discussion & tool thread

By: /u/albinowax — February 1st 2026 at 14:29

Questions regarding netsec and discussion related directly to netsec are welcome here, as is sharing tool links.

Rules & Guidelines

  • Always maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.
  • Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.
  • If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.
  • Avoid use of memes. If you have something to say, say it with real words.
  • All discussions and questions should directly relate to netsec.
  • No tech support is to be requested or provided on r/netsec.

As always, the content & discussion guidelines should also be observed on r/netsec.

Feedback

Feedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.

submitted by /u/albinowax

We ran a live red-team vs blue-team test on autonomous OpenClaw agents

By: /u/Uditakhourii — February 1st 2026 at 13:19

We recently ran a controlled adversarial security test between two autonomous AI agents built on OpenClaw.

One agent was explicitly configured as a red-team attacker.
One agent acted as a standard defensive agent.

Once the session started, there were no humans in the loop. The agents communicated directly over webhooks with real tooling access.

The goal was to test three failure dimensions that tend to break autonomous systems in practice: access, exposure, and agency.

The attacker first attempted classic social engineering by offering a “helpful” security pipeline that hid a remote code execution payload and requested credentials. The defending agent correctly identified the intent and blocked execution.

After that failed, the attacker pivoted to an indirect attack. Instead of asking the agent to run code, it asked the agent to review a JSON document with hidden shell expansion variables embedded in metadata. This payload was delivered successfully and is still under analysis.

The main takeaway so far is that direct attacks are easier to defend against. Indirect execution paths through documents, templates, and memory are much harder.

This work is not a claim of safety. It is an observability exercise meant to surface real failure modes as agent-to-agent interaction becomes more common.

Happy to answer technical questions about the setup or methodology.

submitted by /u/Uditakhourii

StopLamers Investigation: From IRC Wars to Android Backdoors

By: /u/datapeice — January 31st 2026 at 16:06

Investigated a group evolving from IRC wars to destructive Android malware.

Highlights:

  • Scripts wiping modem/bootloader via dd in custom ROMs.
  • "L-Obfuscation" using dynamic getattr/eval in Python.

submitted by /u/datapeice

Need Advice

By: /u/Apprehensive-Log4564 — January 30th 2026 at 23:13

Hello!

My name is Bogdan Mihai, I'm 21 years old, from Romania. I am a cybersecurity researcher and I'm new to this group. I don't know how many BGP experts are here, but I have a question for them if there are any. I recently invented something a little more abstract for BGP security, and I'm almost sure that there is nothing similar.

I wasn't inspired by anything when I created this, it was a purely random idea that came to my mind. I'm not even an expert in this field, but from the beginning I saw security from a different angle than the others.

I made a tool that basically builds a map of risk areas globally, areas where if someone were to try a hijacking attack, that attack would be successful. This idea came to me when I realized that BGP security is still a big problem.

RPKI adoption is still slow. And the problem is that today's security in BGP is more reactive, it comes into play only after the attack is detected and damage is done.

So I leave you here the link to the Zenodo site where I posted my invention. https://zenodo.org/records/18421580 DOI: https://doi.org/10.5281/zenodo.18421580

What I ask of you, and extremely important, is not to analyze every file there, but at least the product overview to understand the idea and tell me who this would be useful to, which company or organization. I know that maybe not everything is perfect there, and maybe there are mistakes, I'm no expert, but I want to know if this idea really has value.

I'm very confused and sad because I worked on this but I don't know who it would be of value to or if it even has any value. I appreciate every opinion.

submitted by /u/Apprehensive-Log4564

Object-capability SQL sandboxing for LLM agents — $1K CTF bounty to break it

By: /u/ryanrasti — January 29th 2026 at 23:31

Writeup on a defensive technique for constraining LLM agent database access:

  • The core idea: instead of detecting bad queries at runtime, make them structurally inexpressible via object-capabilities.
  • Live CTF: two DB agents guarding bitcoin wallets -- one protected by system prompt (already broken), one by capability layer (~$1K still standing).

Interested in feedback on the threat model. Code is open source.

submitted by /u/ryanrasti

Tool release: CVE Alert – targeted CVE email alerts by vendor/product

By: /u/CarlVon77 — January 29th 2026 at 19:50

I built a small service to track newly published CVEs and send email alerts based on vendor, product, and severity.

It started as an internal tool and is now running in production and usable.

Feedback welcome.

submitted by /u/CarlVon77

Requesting security review: zero-knowledge one-time secret sharing tool

By: /u/iamnotatalker — January 29th 2026 at 04:42

Hi all,

I built a tool for securely sharing credentials instead of pasting them into chat, email, or tickets. I’d like technical feedback on the threat model, protocol, and cryptography.

Key properties:

  • Encryption happens entirely in the browser using AES-256-GCM
  • PBKDF2 key derivation (250,000 iterations) — the server never sees the plaintext or keys
  • One-time secrets are enforced server-side and deleted atomically on first view
  • Delete token (# fragment) enables early destruction
  • Client-side crypto code is public for review ([GitHub link])

What I’m NOT claiming:

  • Protection against compromised endpoints or devices
  • Anonymity or protection against state-level actors

Live app: https://sharemylogin.com

I’d love:

  • Threat model review
  • Protocol-level issues
  • Any edge cases I may have missed

Thanks in advance!

submitted by /u/iamnotatalker

Limits of static guarantees under adaptive adversaries (G-CTR experience)

By: /u/Obvious-Language4462 — January 28th 2026 at 17:21

Sharing some practical experience evaluating G-CTR-like guarantees from a security perspective.

When adversaries adapt, several assumptions behind the guarantees degrade faster than expected. In particular:

- threat models get implicitly frozen

- test-time confidence doesn’t transfer to live systems

- some failures are invisible until exploited

Curious if others in netsec have seen similar gaps between formal assurance and operational reality.

submitted by /u/Obvious-Language4462

Fun RCE in Command & Conquer: Generals

By: /u/jordan9001 — January 28th 2026 at 16:02

So many of your favorite childhood games are open source now, and bugs fall out of them if you just glance in the right spots.

submitted by /u/jordan9001

Blind Boolean-Based Prompt Injection

By: /u/-rootcauz- — January 26th 2026 at 14:15

I had an idea for leaking a system prompt against an LLM-powered classifying system that is constrained to give static responses. The attacker uses a prompt injection to update the response logic and signal true/false responses to attacker prompts. I haven't seen other research on this technique so I'm calling it blind boolean-based prompt injection (BBPI) unless anyone can share research that predates it. There is an accompanying GitHub link in the post if you want to experiment with it locally.

submitted by /u/-rootcauz-

[Research] Analysis of 74,636 AI Agent Interactions: 37.8% Contained Attack Attempts - New "Inter-Agent Attack" Category Emerges

By: /u/cyberamyntas — January 28th 2026 at 06:30

We've been running inference-time threat detection across 38 production AI agent deployments. Here's what Week 3 of 2026 looked like with on-device detections.

Key Findings

  1. 28,194 threats detected across 74,636 interactions (37.8% attack rate)
  2. Inter-Agent Attacks emerged as a new category (3.4% of threats) - agents sending poisoned messages to other agents
  3. Data exfiltration leads at 19.2% - primarily targeting system prompts and RAG context
  4. Jailbreaks detected with 96.3% confidence - patterns are now well-established

Attack Technique Breakdown

  1. Instruction Override: 9.7%
  2. Tool/Command Injection: 8.2%
  3. RAG Poisoning: 8.1% (trending up)
  4. System Prompt Extraction: 7.7%

The inter-agent attack vector is particularly concerning given the MCP ecosystem growth. We're seeing goal hijacking, constraint removal, and recursive propagation attempts.

Full report with methodology: https://raxe.ai/threat-intelligence

GitHub: https://github.com/raxe-ai/raxe-ce is free for the community to use.

Happy to answer questions about detection approaches.

submitted by /u/cyberamyntas

Corrupting the Hive Mind: Persistence Through Forgotten Windows Internals

By: /u/bouncyhat — January 28th 2026 at 03:54

Dropping a link to our blog post about our tool Swarmer, a Windows persistence tool for abusing mandatory user profiles. Essentially you copy the current user's registry hive and modify it to add a new registry key to run on startup. Because the new hive isn't loaded until the next time the user logs in, EDR never sees any actual registry writes.

submitted by /u/bouncyhat