Cyber Podcaster/Hack The Narrative š¶š¦šÆš„
Doha, Qatar
Joined January 2020
- Tweets 3,357
- Following 1,038
- Followers 519
- Likes 5,331
Kamran Saifullah retweeted
VulnIndex ā the fastest way to find real security research
vulnindex.ys0.dev/
Kamran Saifullah retweeted
CVE-2025-59287 WSUS Remote Code Execution - @hawktrace
hawktrace.com/blog/CVE-2025-ā¦
Kamran Saifullah retweeted
Think your Active Directory has āa fewā service accounts? Think again. I wrote a super quick blog post on discovering (potential) service accounts via a PS script, how to clean them up, and some monitoring best practices when admins are misusing them. medium.com/@Debugger/we-haveā¦
I am attending WhiteHatDesert Conference 2025 at The NED in Doha, Qatar happening on 15th November 2025. #WHDCON2025
whd2025.kamransaifullah.com/
Kamran Saifullah retweeted
So special thanks to @M_haggis for taking it on, and giving the idea for a "ClickFix Wiki" a better home! It has been incorporated into his ClickGrab project. I wouldn't be able to maintain the site or resource, so I really appreciate him picking it up!
mhaggis.github.io/ClickGrab/
An idea I had some time ago was to create an open-source project with community contributions to centralize different social engineering lure techniques & native GUI tools that could be leveraged for ClickFix... a LOLBins-style site w/ mitigations. Video: piped.video/UQqsaO5k2M0
A jr pentestor is about a 7/10 in technical understanding and documentation
Zooming out the career ladder, it should be viewed at the upper end of mid level roles
I would argue that the massive flood of new people trying to ābreak inā as juniors has actually raised the bar for juniors. Every day, hundreds of people wake up and decide they want to become a 5up3r l33t penetration tester or hax0r. And thatās awesome. Thereās two problems though: 1) there just arenāt that many penetration testing roles available and 2) employers want to hire the best of the best.
We might not like it, but when thereās a major surplus of candidates (and there is), employers can afford to be picky. And they will be. Can you blame them? Thatās just supply and demand at work. When the market shifts and thereās a shortage of qualified talent for these roles, requirements loosen. But right now? The marketās flooded, the barās getting higher, and the competition is fierce. Plan and adjust accordingly.
Saw a project by one of the security professionals, took the idea and matured it with a bit more functionality, and started using it myself for my day-to-day operations.
@owasp wonder what you think on this :))
github.com/OWASP-WSTG-Progreā¦
Kamran Saifullah retweeted
Insane because Microsoft uses a tool like dnstwist to find lookalike domains in Defender for Office 365... but you have to pay for it
The good news is this tool is FREE, so everyone can and should monitor for lookalike domains:
dnstwist.it/
github.com/elceef/dnstwist
Kamran Saifullah retweeted
FYI: There has been an open RFC since 2021 to make install scripts opt-in for NPM: github.com/npm/rfcs/pull/488
About high time it is accepted and ratified! The pain of making this change will be ower than whatever horror will come next in the NPM ecosystem.
Kamran Saifullah retweeted
A threat actor installed Huntress.
... a hysterical mistake on their part, giving us first-hand insight to their tooling, workflow & routine. Phishing infra, stealer logs, Telegram+dark web sites, AI...
Hilarious goldmine of cybercrime deets with a front row seat: huntress.com/blog/rare-look-ā¦
Kamran Saifullah retweeted
šØ Russia-linked hackers just hit Kazakhstanās energy giant KazMunaiGas.
The opācodenamed BarrelFireāused fake IT emails and booby-trapped ZIP files to drop malware, hijack systems, and open a backdoor.
The worst part? It came from a real employeeās stolen account.
Read more ā thehackernews.com/2025/09/noā¦
Kamran Saifullah retweeted
In case you missed it. The recent SalesLoft breach started from the threat actors stealing secrets from their GitHub Actions environment after adding a user (sound familiar?)
trust.salesloft.com/?uid=Updā¦
Thanks @0xLupin for sharing the link!
Kamran Saifullah retweeted
The "Malware Analysis ā Intermediate Level" training by @struppigel is 60% off right now
Knowing the quality of his other content, Iād say this oneās definitely worth checking out
malwareanalysis-for-hedgehogā¦
Highly recommended course by brother Ahmed!
I just published the next video in my series on Malware Development fundamentals.
This one covers Module Stomping ā a powerful technique where attackers overwrite the memory of a loaded module to stealthily execute malicious code.
š In the video, I break down how it works and walk through example code step by step.
Watch here: piped.video/wrmxc-vWCUU
š” To go deeper and gain hands-on experience, Iām offering 30% off my Offensive Development & Tradecraft course for a limited time.
Use code: OFFDEV30 at checkout
š ask-academy.live/courses/offā¦
I'm releasing my new tool: DllShimmer š„ Weaponize DLL hijacking easily.
github.com/Print3M/DllShimmeā¦
- backdoor any function, no reverse engineering
- all functions proxied, no program crash
- built-in debug info and mutex to every function
- more...
#redteam #malware #security
This is amazing!
Iām excited to announce two major upgrades in our free product line:
š¦ Archive scanning is now unlocked in THOR Lite - including docx, xlsx, jar, war, and more
š§ YARA Forge (my own project) is now integrated ā extends the detection coverage with open source rules
š Also worth noting: SIGMA scanning has long been active in THOR Cloud Lite ā and we plan to unlock even more modules in the cloud version only later this year
Stay tuned
Kamran Saifullah retweeted
Still my favorite set of redirects. So many "hackers" probe these basic wordpress routes. Always nice to give them a pleasant distraction š
Kamran Saifullah retweeted
Ohhhh, sneaky masquerading trick found in the wild and noted by @JAMESWT_WT
The Threat Actor replaces / with "ć", a Japanese character
+2 cat pictures
