105 Pull requests merged by 5 people

• Research Update Enhanced src/AI/AI-llm-architecture/2.-data-...

  #1234 merged Aug 4, 2025

• Research Update Enhanced src/generic-methodologies-and-resou...

  #1235 merged Aug 4, 2025

• Let's Clone a Cloner – Part 3 Putting It All Together

  #1221 merged Aug 4, 2025

• Before ToolShell Exploring Storm-2603’s Previous Ransomware ...

  #1223 merged Aug 4, 2025

• Research Update Enhanced src/macos-hardening/macos-security-...

  #1198 merged Jul 30, 2025

• Research Update Enhanced src/AI/AI-Unsupervised-Learning-Alg...

  #1199 merged Jul 30, 2025

• Research Update Enhanced src/mobile-pentesting/ios-pentestin...

  #1200 merged Jul 30, 2025

• Research Update Enhanced src/binary-exploitation/libc-heap/u...

  #1201 merged Jul 30, 2025

• Research Update Enhanced src/network-services-pentesting/pen...

  #1204 merged Jul 30, 2025

• ToxicPanda Android Banking Malware 2025 Study

  #1205 merged Jul 30, 2025

• Research Update Enhanced src/mobile-pentesting/android-app-p...

  #1207 merged Jul 30, 2025

• SQLMap Testing SQL Database Vulnerabilities

  #1208 merged Jul 30, 2025

• Stack Overflows, Heap Overflows and Existential Dread SonicW...

  #1209 merged Jul 30, 2025

• The Covert Operator's Playbook Infiltration of Global Teleco...

  #1211 merged Jul 30, 2025

• Research Update Enhanced src/binary-exploitation/arbitrary-w...

  #1212 merged Jul 30, 2025

• Research Update Enhanced src/generic-hacking/reverse-shells/...

  #1194 merged Jul 29, 2025

• Research Update Enhanced src/todo/radio-hacking/infrared.md

  #1195 merged Jul 29, 2025

• Research Update Enhanced src/linux-hardening/privilege-escal...

  #1196 merged Jul 29, 2025

• YSoNet .NET Deserialization Payload Generator

  #1197 merged Jul 29, 2025

• Research Update Enhanced src/pentesting-web/deserialization/...

  #1181 merged Jul 28, 2025

• Research Update Enhanced src/mobile-pentesting/android-app-p...

  #1183 merged Jul 28, 2025

• Exploiting zero days in abandoned hardware

  #1184 merged Jul 28, 2025

• Research Update Enhanced src/macos-hardening/macos-security-...

  #1185 merged Jul 28, 2025

• Android Services 101

  #1186 merged Jul 28, 2025

• CVE-2025-27136 – LocalS3 CreateBucketConfiguration XXE Injec...

  #1187 merged Jul 28, 2025

• Make Sure to Use SOAP(y) – An Operators Guide to Stealthy AD...

  #1189 merged Jul 28, 2025

• Research Update Enhanced src/mobile-pentesting/android-app-p...

  #1190 merged Jul 28, 2025

• The Homograph Illusion Not Everything Is As It Seems

  #1191 merged Jul 28, 2025

• Deobfuscating Android Apps with Androidmeda A Smarter Way to...

  #1175 merged Jul 24, 2025

• Research Update Enhanced src/pentesting-web/xss-cross-site-s...

  #1176 merged Jul 24, 2025

• Legless IPv6 Penetration Testing

  #1177 merged Jul 24, 2025

• Research Update Enhanced src/windows-hardening/active-direct...

  #1179 merged Jul 24, 2025

• The Dark Side of Romance SarangTrap Extortion Campaign

  #1180 merged Jul 24, 2025

• Research Update Enhanced src/generic-methodologies-and-resou...

  #1158 merged Jul 23, 2025

• Research Update Enhanced src/todo/hardware-hacking/side_chan...

  #1161 merged Jul 23, 2025

• Research Update Enhanced src/network-services-pentesting/pen...

  #1162 merged Jul 23, 2025

• Research Update Enhanced src/network-services-pentesting/pen...

  #1170 merged Jul 23, 2025

• Research Update Enhanced src/macos-hardening/macos-security-...

  #1171 merged Jul 23, 2025

• Research Update Enhanced src/generic-methodologies-and-resou...

  #1173 merged Jul 23, 2025

• Android Manifest Misconfiguration Leading to Task Hijacking ...

  #1164 merged Jul 23, 2025

• Research Update Enhanced src/pentesting-web/web-vulnerabilit...

  #1166 merged Jul 23, 2025

• Research Update Enhanced src/network-services-pentesting/pen...

  #1157 merged Jul 22, 2025

• Research Update Enhanced src/todo/rust-basics.md

  #1154 merged Jul 22, 2025

• SharePoint 0-day uncovered (CVE-2025-53770)

  #1165 merged Jul 22, 2025

• Research Update Enhanced src/mobile-pentesting/cordova-apps....

  #1169 merged Jul 22, 2025

• Active Exploitation of Microsoft SharePoint Vulnerabilities ...

  #1167 merged Jul 22, 2025

• Research Update Enhanced src/pentesting-web/ssrf-server-side...

  #1153 merged Jul 22, 2025

• I’d Like to Speak to Your Manager Stealing Secrets with Mana...

  #1152 merged Jul 22, 2025

• Research Update Enhanced src/linux-hardening/privilege-escal...

  #1155 merged Jul 22, 2025

• 101 Chrome Exploitation — Part 0 Preface

  #1156 merged Jul 22, 2025

• Update golden-dmsa-gmsa.md

  #1160 merged Jul 21, 2025

• Remote Input Injection Vulnerability in Air Keyboard iOS App...

  #1144 merged Jul 19, 2025

• Research Update Enhanced src/network-services-pentesting/pen...

  #1146 merged Jul 19, 2025

• Remote Code Execution Discovered in Xtool AnyScan App — Risk...

  #1145 merged Jul 19, 2025

• Hiding in the Shadows Covert Tunnels via QEMU Virtualization

  #1147 merged Jul 19, 2025

• CVE-2024-12029 – InvokeAI Deserialization of Untrusted Data ...

  #1148 merged Jul 18, 2025

• Research Update Enhanced src/generic-methodologies-and-resou...

  #1149 merged Jul 18, 2025

• MS-RPC Fuzzer

  #1132 merged Jul 17, 2025

• Golden dMSA

  #1140 merged Jul 17, 2025

• Research Update Enhanced src/mobile-pentesting/ios-pentestin...

  #1142 merged Jul 17, 2025

• Research Update Enhanced src/macos-hardening/macos-security-...

  #1143 merged Jul 17, 2025

• NTLM Reflection is Dead, Long Live NTLM Reflection! – Deep A...

  #1137 merged Jul 17, 2025

• Framework 13. Press here to pwn

  #1130 merged Jul 17, 2025

• Research Update Enhanced src/binary-exploitation/common-bina...

  #1131 merged Jul 17, 2025

• Automating MS-RPC vulnerability research

  #1133 merged Jul 16, 2025

• Research Update Enhanced src/pentesting-web/crlf-0d-0a.md

  #1135 merged Jul 16, 2025

• Research Update Enhanced src/mobile-pentesting/android-app-p...

  #1136 merged Jul 16, 2025

• eSIM security

  #1128 merged Jul 16, 2025

• Fix the Click Preventing the ClickFix Attack Vector

  #1123 merged Jul 16, 2025

• Research Update Enhanced src/macos-hardening/macos-security-...

  #1124 merged Jul 16, 2025

• Research Update Enhanced src/network-services-pentesting/512...

  #1126 merged Jul 15, 2025

• Research Update Enhanced src/windows-hardening/active-direct...

  #1127 merged Jul 15, 2025

• Shizuku Unlocking Advanced Android Capabilities Without Root

  #1122 merged Jul 15, 2025

• SugarCRM ≤ 14.0.0 (css/preview) LESS Code Injection Vulnerab...

  #1119 merged Jul 15, 2025

• Pre-auth SQL Injection to RCE in Fortinet FortiWeb Fabric Co...

  #1100 merged Jul 14, 2025

• Research Update Enhanced src/network-services-pentesting/pen...

  #1096 merged Jul 13, 2025

• Hijacker on the Samsung Galaxy S10 with wireless injection

  #1097 merged Jul 13, 2025

• Evolving Tactics of SLOW#TEMPEST A Deep Dive Into Advanced M...

  #1098 merged Jul 13, 2025

• Research Update Enhanced src/pentesting-web/http-connection-...

  #1099 merged Jul 12, 2025

• Research Update Enhanced src/pentesting-web/http-request-smu...

  #1104 merged Jul 12, 2025

• Research Update Enhanced src/linux-hardening/privilege-escal...

  #1110 merged Jul 12, 2025

• Research Update Enhanced src/pentesting-web/rate-limit-bypas...

  #1095 merged Jul 12, 2025

• Research Update Enhanced src/todo/radio-hacking/low-power-wi...

  #1109 merged Jul 12, 2025

• Dojo CTF Challenge #42 Hex Color Palette XXE File Disclosure...

  #1101 merged Jul 12, 2025

• Research Update Enhanced src/windows-hardening/active-direct...

  #1105 merged Jul 12, 2025

• nginx try_files directive with variables

  #1102 merged Jul 12, 2025

• Add content: Research Update Enhanced src/pentesting-web/sql-injection/ms...

  #1087 merged Jul 11, 2025

• Add content: Research Update Enhanced src/mobile-pentesting/ios-pentestin...

  #1089 merged Jul 11, 2025

• Research Update Enhanced src/linux-hardening/privilege-escal...

  #1092 merged Jul 11, 2025

• CVE-2025-27636 – Remote Code Execution in Apache Camel via C...

  #1093 merged Jul 10, 2025

• Add content: Research Update Enhanced src/mobile-pentesting/android-app-p...

  #1086 merged Jul 10, 2025

• Add content: Research Update Enhanced src/generic-hacking/tunneling-and-p...

  #1085 merged Jul 10, 2025

• Add content: Research Update Enhanced src/network-services-pentesting/pen...

  #1084 merged Jul 10, 2025

• Laravel APP_KEY leakage analysis

  #1091 merged Jul 10, 2025

• McHire Chatbot Platform Default Credentials and IDOR Expose ...

  #1090 merged Jul 10, 2025

• Add content: Research Update Enhanced src/windows-hardening/windows-local...

  #1083 merged Jul 10, 2025

• Add content: Research Update Enhanced src/windows-hardening/active-direct...

  #1088 merged Jul 10, 2025

• Add content: Research Update Enhanced src/network-services-pentesting/pen...

  #1082 merged Jul 10, 2025

• Add content: Research Update Enhanced src/generic-methodologies-and-resou...

  #1076 merged Jul 9, 2025

• Add content: CVE-2025-1729 - Privilege Escalation Using TPQMAssistant.exe

  #1046 merged Jul 9, 2025

• Added TimeRoasting and how to exploit

  #1053 merged Jul 9, 2025

• Add content: NoSQL Error-Based Injection

  #1043 merged Jul 8, 2025

• Add content: From Trust to Threat Hijacked Discord Invites Used for Multi...

  #1042 merged Jul 8, 2025

• added ffplay command to view RTSP stream

  #1034 merged Jul 8, 2025

• Add content: CVE-2024-44236 Remote Code Execution in Apple macOS sips Uti...

  #1041 merged Jul 8, 2025

16 Pull requests opened by 1 person

• Research Update Enhanced src/linux-hardening/privilege-escal...

  #1213 opened Jul 30, 2025

• 2025 Unit 42 Global Incident Response Report Social Engineer...

  #1214 opened Jul 30, 2025

• Unauthenticated Arbitrary File Deletion Vulnerability in Lit...

  #1216 opened Jul 30, 2025

• Research Update Enhanced src/pentesting-web/xss-cross-site-s...

  #1217 opened Jul 31, 2025

• Research Update Enhanced src/macos-hardening/macos-security-...

  #1218 opened Jul 31, 2025

• Laravel APP_KEY Leakage Analysis

  #1219 opened Jul 31, 2025

• Research Update Enhanced src/network-services-pentesting/700...

  #1220 opened Jul 31, 2025

• Research Update Enhanced src/pentesting-web/json-xml-yaml-ha...

  #1224 opened Aug 1, 2025

• Research Update Enhanced src/reversing/reversing-tools-basic...

  #1225 opened Aug 1, 2025

• PlayPraetor’s evolving threat How Chinese-speaking actors gl...

  #1226 opened Aug 1, 2025

• Research Update Enhanced src/pentesting-web/xss-cross-site-s...

  #1227 opened Aug 1, 2025

• Research Update Enhanced src/network-services-pentesting/240...

  #1229 opened Aug 2, 2025

• Research Update Enhanced src/pentesting-web/deserialization/...

  #1230 opened Aug 2, 2025

• Research Update Enhanced src/linux-hardening/privilege-escal...

  #1232 opened Aug 3, 2025

• Research Update Enhanced src/pentesting-web/deserialization/...

  #1233 opened Aug 3, 2025

• Practical Guide to IPv6 Attacks in a Local Network

  #1237 opened Aug 4, 2025

1 Issue closed by 1 person

• Bg678

  #1193 closed Jul 28, 2025

2 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• Potential Hacktricks based enumeration Platform.

  #85 commented on Aug 2, 2025 • 0 new comments

• Red Teaming Scenarios

  #896 commented on Aug 2, 2025 • 0 new comments