Recent content by Yoda

It's the second Tuesday of the month, which means it's Patch Tuesday time again. As such, today, Microsoft is rolling out the monthly security update (also called "B release") for May 2025 on Windows Server 20H2 and Windows 10 for the latest supported versions, 20H2, 21H2, and 22H2. The new...

Today is Microsoft's May 2025 Patch Tuesday, which includes security updates for 72 flaws, including five actively exploited and two publicly disclosed zero-day vulnerabilities. This Patch Tuesday also fixes six "Critical" vulnerabilities, five being remote code execution vulnerabilities and...

Authix Login Patch Authix (https://authix.cc/) allows you to skip the login part when you inject it into any program that uses the license system. Made by 8code.org (Revolex & ThichQuangDuc). We didn't spend much time on this, so if you report any bugs you find we will fix them in the next...

What does it do? It allows you to read IOCTL calls that a program sends to the drive. This helps you to see the IOCTL address you have recorded and link it when needed. For example, this could be the IOCTL address of a driver that invokes the mouse gesture. Features You can see IOCTL addresses...

All of these Handles relate to sys calls with their driver. Closing these handles basically removes all connections from Game to Driver, therefore disabling their anticheat I found this by scanning through all their Handles and finding all the driver shitty threading offsets. Step 1: Open Steam...

A simple tool to convert static addresses (relative to the start of the HEADER) to Relative Virtual Addresses (RVA). Usage <base_original>: Original base address (e.g., 0x140000000) <base_target>: Target base address <absolute_address>: Absolute address to convert #include <stdio.h> #include...

Cloudflare waf hunting at scale using one simple trick! Click now to find out more… Feel free to ignore the above, wanted to make it look cool for the subtitle. When performing various pentests, I have discovered a specific quirk (whether or not others know about this, I don’t know, but if so...

The process is very simple and efficient. The first step is to copy the target website URL. Now that we know the target, the next step will be to execute a very simple, yet powerful one-liner command that streamlines the testing process. Here’s how it works echo example.com | gau | gf xss | uro...

It was hard for me to finally bypass this. It all started with a scan using nuclei that showed a reflected XSS vulnerability in the following endpoint: “https://redacted.tld/path/path/uuid%22%3E%3C667711%3E/u-u-i-d”. However, this turned out to be a false positive. The payload generated by...

Eline sağlık