Collaborate Disseminate
MSSQLand enables red teams to interact with MS-SQL servers and linked instances in restricted environments without complex T-SQL queries. Assembly-ready tool for lateral movement. Continue reading MSSQLand – Lightweight MS-SQL Interaction Tool for Lateral Movement and Post-Exploitation
Credential stuffing drove 22% of all breaches in 2025. How combolists, infostealers and ATO tooling are fuelling enterprise account takeover at scale Continue reading Credential Stuffing in 2025 – How Combolists, Infostealers and Account Takeover Became an Industry
DumpBrowserSecrets extracts saved passwords, cookies, OAuth tokens and autofill data from Chrome, Edge, Firefox, Opera and Vivaldi, bypassing App-Bound Encryption via Early Bird APC injection. Continue reading DumpBrowserSecrets – Browser Credential Harvesting with App-Bound Encryption Bypass
Systemic ransomware events in 2025, how Jaguar Land Rover’s shutdown exposed Category 3 supply chain risk, with lessons from Toyota, Nissan and Ferrari. Continue reading Systemic Ransomware Events in 2025 – How Jaguar Land Rover Showed What a Category 3 Supply Chain Breach Looks Like
SmbCrawler is a credentialed SMB share crawler for red teams that discovers misconfigured shares and hunts secrets across Windows networks. Continue reading SmbCrawler – SMB Share Discovery and Secret-Hunting
Heisenberg Dependency Health Check is a GitHub Action that flags risky or newly introduced dependencies in pull requests using supply-chain signals. Continue reading Heisenberg Dependency Health Check – GitHub Action for Supply Chain Risk
Dark web search engines in 2025 and how enterprises use monitoring, APIs and IOC hunting to detect credential leaks, impersonation and supply chain exposure. Continue reading Dark Web Search Engines in 2025 – Enterprise Monitoring, APIs and IOC Hunting
mcp-scan is a dynamic proxy and guardrail monitor for MCP servers, providing real-time traffic inspection and enforcement for agents and tools. Continue reading mcp-scan – Real-Time Guardrail Monitoring and Dynamic Proxy for MCP Servers
mcp-scan is a dynamic proxy and guardrail monitor for MCP servers, providing real-time traffic inspection and enforcement for agents and tools. Continue reading mcp-scan – Real-Time Guardrail Monitoring and Dynamic Proxy for MCP Servers
Initial access brokers in 2025, how dark web access listings feed ransomware supply chain events like JLR, and what CISOs can do to detect and disrupt them Continue reading Initial Access Brokers (IAB) in 2025 – From Dark Web Listings to Supply Chain Ransomware Events