Hi all, 

I have released and published the following blogpost about implementing Hell's Gate (classic direct SysCall) injection technique in Zig. 

https://0xsp.com/security%20research%20%...ig-part-1/

Sir can you give me a suggestion for a payload xss bypas ?

This repository is intended for pentesters and red teamers using a variety of offensive security tools during their assessments. The repository is a collection of useful tools suitable for assessments in internal environments. We fetch and compile the latest version of each tool on a regular basis and provide it to you as a release.
You don't have to worry about updating and compiling the tools yourself. Just download the latest release and find all the awesome tools you will need in a single archive.
https://github.com/Syslifters/offsec-tools

Link:
https://github.com/danieldurnea/rdp-free

A series of scripts to harden macOS 15.5 (Sequoia) for security and
privacy, inspired by NIST guidelines. Suitable for power users and
novices alike. This project evolved from the macOS Security Compliance
Project, a Python-based tool, with the current focus on Bash scripts
while preserving legacy features.
https://github.com/cluster2600/ALBATOR

https://hackread.com/xss-is-cybercrime-f...ted-admin/

BrowserBruter is a powerful web form fuzzing automation tool designed for web security professionals and penetration testers. This Python-based tool leverages Selenium and Selenium-Wire to automate web form fuzzing, making it easier to identify potential vulnerabilities in web applications. 
https://github.com/netsquare/BrowserBruter
   

https://syntax.goldenowl.ai/    

#exploit
1⃣ CVE-2025-48703: (https://fenrisk.com/rce-centos-webpanel)
RCE in CentOS Web Panel
2⃣ CVE-2025-31200: (https://blog.noahhw.dev/posts/cve-2025-31200)
Zero-click RCE vulnerability in Apple's iOS 18.x
3⃣ CVE-2025-32463: (https://github.com/pr0v3rbs/CVE-2025-32463_chwoot)
Escalation of Privilege to the root through sudo binary with chroot option
4⃣ CVE-2025-49113: (https://github.com/fearsoff-org/CVE-2025-49113)
Roundcube ≤ 1.6.10 Post-Auth RCE via PHP Object Deserialization
5⃣ CVE-2025-32433: (https://github.com/ProDefense/CVE-2025-32433)
Unauth RCE in Erlang/OTP SSH

1. DEVMAN Ransomware
https://any.run/cybersecurity-blog/devma...e-analysis
2. BrowserVenom (Fake DeepSeek) Malicious installer
https://securelist.com/browservenom-mimi...oxy/115728
3. KimJongRAT Stealer
https://unit42.paloaltonetworks.com/kimj...powershell
4. macOS NimDoor
https://www.sentinelone.com/labs/macos-n...ed-malware
5. Windows Shortcut (LNK) Malware Strategies
https://unit42.paloaltonetworks.com/lnk-malware