Kuba Gretzky
@mrgretzky.breakdev.org
Offensive security tools developer. Malware developer, hobby music producer, bedroom DJ & ex-MMO game hacker. Creator of Evilginx / Bartender @ BREAKDEV RED.
Pinned
Kuba Gretzky
@mrgretzky.breakdev.org
· Mar 12
Evilginx Pro is finally here!
After over two years of development, Evilginx Pro reverse proxy phishing framework for red teams is finally live!
breakdev.org
🚨 Evilginx Pro is finally here! 🚨🎣🐟
This is it! After over two years of development, countless delays, and hundreds of manual company verifications, Evilginx Pro is finally live!
Thank you all for your invaluable support 💗
breakdev.org/evilginx-pro...
This is it! After over two years of development, countless delays, and hundreds of manual company verifications, Evilginx Pro is finally live!
Thank you all for your invaluable support 💗
breakdev.org/evilginx-pro...
Glad to be mentioned in such a great company! 😆 @chudypb.bsky.social 🔥
Evilginx Pro (@mrgretzky.breakdev.org ), Pre-auth RCE in a CMS (@chudypb.bsky.social), GOAD ADCS, YouTube email disclosure (@brutecat.com), SAML parser bug (ulldma.bsky.social), and more!
blog.badsectorlabs.com/last-week-in...
blog.badsectorlabs.com/last-week-in...
Last Week in Security (LWiS) - 2025-03-17
Evilginx Pro (@mrgretzky), Pre-auth RCE in a CMS (@chudyPB), GOAD ADCS (@M4yFly), YouTube email disclosure (@brutecat), SAML parser bug (@ulldma.bsky.social/@[email protected]), and more!
blog.badsectorlabs.com
March 18, 2025 at 8:03 AM
Glad to be mentioned in such a great company! 😆 @chudypb.bsky.social 🔥
🚨 Evilginx Pro is finally here! 🚨🎣🐟
This is it! After over two years of development, countless delays, and hundreds of manual company verifications, Evilginx Pro is finally live!
Thank you all for your invaluable support 💗
breakdev.org/evilginx-pro...
This is it! After over two years of development, countless delays, and hundreds of manual company verifications, Evilginx Pro is finally live!
Thank you all for your invaluable support 💗
breakdev.org/evilginx-pro...
Evilginx Pro is finally here!
After over two years of development, Evilginx Pro reverse proxy phishing framework for red teams is finally live!
breakdev.org
March 12, 2025 at 3:29 PM
🚨 Evilginx Pro is finally here! 🚨🎣🐟
This is it! After over two years of development, countless delays, and hundreds of manual company verifications, Evilginx Pro is finally live!
Thank you all for your invaluable support 💗
breakdev.org/evilginx-pro...
This is it! After over two years of development, countless delays, and hundreds of manual company verifications, Evilginx Pro is finally live!
Thank you all for your invaluable support 💗
breakdev.org/evilginx-pro...
Since last year, I thought Ivanti Endpoint Manager was the most insecure tool you could use.
This year, I know it’s been Elon all along.
This year, I know it’s been Elon all along.
March 12, 2025 at 10:21 AM
Since last year, I thought Ivanti Endpoint Manager was the most insecure tool you could use.
This year, I know it’s been Elon all along.
This year, I know it’s been Elon all along.
Reposted by Kuba Gretzky
Big news: our trainings are live!
This year, we’re offering 13 courses led by top-notch experts. Whether you're red, blue, or somewhere in between,
come sharpen your skills, break stuff, and learn from the best!
📅 1–4 Sept
📍 Meervaart, Amsterdam
🎟 Tickets available now!
👉 weeztix.shop/qt2kzq6g
This year, we’re offering 13 courses led by top-notch experts. Whether you're red, blue, or somewhere in between,
come sharpen your skills, break stuff, and learn from the best!
📅 1–4 Sept
📍 Meervaart, Amsterdam
🎟 Tickets available now!
👉 weeztix.shop/qt2kzq6g
March 11, 2025 at 9:54 AM
Big news: our trainings are live!
This year, we’re offering 13 courses led by top-notch experts. Whether you're red, blue, or somewhere in between,
come sharpen your skills, break stuff, and learn from the best!
📅 1–4 Sept
📍 Meervaart, Amsterdam
🎟 Tickets available now!
👉 weeztix.shop/qt2kzq6g
This year, we’re offering 13 courses led by top-notch experts. Whether you're red, blue, or somewhere in between,
come sharpen your skills, break stuff, and learn from the best!
📅 1–4 Sept
📍 Meervaart, Amsterdam
🎟 Tickets available now!
👉 weeztix.shop/qt2kzq6g
Excellent research by Sagi Olshansky shows how even a simple "Terms of Service" conditional access option in Entra ID can become a thorn in the side of phishing threat actors.
Evilginx phishlet development action included 🎣
medium.com/@Sniffler/te...
Evilginx phishlet development action included 🎣
medium.com/@Sniffler/te...
Terms of What?
tl;dr
medium.com
February 27, 2025 at 1:45 PM
Excellent research by Sagi Olshansky shows how even a simple "Terms of Service" conditional access option in Entra ID can become a thorn in the side of phishing threat actors.
Evilginx phishlet development action included 🎣
medium.com/@Sniffler/te...
Evilginx phishlet development action included 🎣
medium.com/@Sniffler/te...
Reposted by Kuba Gretzky
I've been dealing with mysterious high CPU utilization from WmiPrvSE.exe for MONTHS. I finally did some digging using github.com/luctalpe/WMI... (run wmimon from an elevated cmd prompt). Guess what the culprit was?
GitHub - luctalpe/WMIMon: Tool to monitor WMI activity on Windows
Tool to monitor WMI activity on Windows. Contribute to luctalpe/WMIMon development by creating an account on GitHub.
github.com
January 5, 2025 at 3:54 AM
I've been dealing with mysterious high CPU utilization from WmiPrvSE.exe for MONTHS. I finally did some digging using github.com/luctalpe/WMI... (run wmimon from an elevated cmd prompt). Guess what the culprit was?
The BREAKDEV RED software shop engine is finally finished 🎉
Out of respect to all Evilginx fans, the purchase experience will be as friendly and fair as possible:
- Floating licenses ONLY
- No minimum cap for license purchases
Evilginx Pro release date: February 2025
Merry Christmas everyone! 🎄
Out of respect to all Evilginx fans, the purchase experience will be as friendly and fair as possible:
- Floating licenses ONLY
- No minimum cap for license purchases
Evilginx Pro release date: February 2025
Merry Christmas everyone! 🎄
December 20, 2024 at 3:23 PM
The BREAKDEV RED software shop engine is finally finished 🎉
Out of respect to all Evilginx fans, the purchase experience will be as friendly and fair as possible:
- Floating licenses ONLY
- No minimum cap for license purchases
Evilginx Pro release date: February 2025
Merry Christmas everyone! 🎄
Out of respect to all Evilginx fans, the purchase experience will be as friendly and fair as possible:
- Floating licenses ONLY
- No minimum cap for license purchases
Evilginx Pro release date: February 2025
Merry Christmas everyone! 🎄
Reposted by Kuba Gretzky
New #PEsieve & #HollowsHunter
(v0.4.0) are released: github.com/hasherezade/... & github.com/hasherezade/... - A lot has changed in the new version, check it out!
(v0.4.0) are released: github.com/hasherezade/... & github.com/hasherezade/... - A lot has changed in the new version, check it out!
December 14, 2024 at 4:33 PM
New #PEsieve & #HollowsHunter
(v0.4.0) are released: github.com/hasherezade/... & github.com/hasherezade/... - A lot has changed in the new version, check it out!
(v0.4.0) are released: github.com/hasherezade/... & github.com/hasherezade/... - A lot has changed in the new version, check it out!
Reposted by Kuba Gretzky
I wrote a fun, little blog post. Remote pre-auth file deletion in SolarWinds ARM allowed to achieve LPE on AD machines 🙃
In his latest blog, @chudypb.bsky.social covers a pre-auth Arbitrary File Deletion bug he discovered in the SolarWinds Access Rights Manager (ARM). It may not sound exciting, but it can lead to an LPE on domain-joined Windows machines. Read the details at www.zerodayinitiative.com/blog/2024/12...
Zero Day Initiative — SolarWinds Access Rights Manager: One Vulnerability to LPE Them All
Some time ago, I spent some time researching a core SolarWinds product, SolarWinds Platform (previously Orion Platform). At that time, I hadn’t been aware of the SolarWinds Access Right Manager produc...
www.zerodayinitiative.com
December 12, 2024 at 6:03 PM
I wrote a fun, little blog post. Remote pre-auth file deletion in SolarWinds ARM allowed to achieve LPE on AD machines 🙃
Reposted by Kuba Gretzky
🚨 BLACK FRIDAY 50% OFF 24-HOUR SALE 🚨
Today I'm running the biggest sale, since the course release in 2023!
Get Evilginx Mastery course with lifetime access for 199 EUR ONLY today! 🤩
Upgrade your phishing skills before Evilginx Pro drops!
🔗Link: academy.breakdev.org/evilginx-mas...
Today I'm running the biggest sale, since the course release in 2023!
Get Evilginx Mastery course with lifetime access for 199 EUR ONLY today! 🤩
Upgrade your phishing skills before Evilginx Pro drops!
🔗Link: academy.breakdev.org/evilginx-mas...
November 28, 2024 at 10:22 PM
🚨 BLACK FRIDAY 50% OFF 24-HOUR SALE 🚨
Today I'm running the biggest sale, since the course release in 2023!
Get Evilginx Mastery course with lifetime access for 199 EUR ONLY today! 🤩
Upgrade your phishing skills before Evilginx Pro drops!
🔗Link: academy.breakdev.org/evilginx-mas...
Today I'm running the biggest sale, since the course release in 2023!
Get Evilginx Mastery course with lifetime access for 199 EUR ONLY today! 🤩
Upgrade your phishing skills before Evilginx Pro drops!
🔗Link: academy.breakdev.org/evilginx-mas...
🚨 BLACK FRIDAY 50% OFF 24-HOUR SALE 🚨
Today I'm running the biggest sale, since the course release in 2023!
Get Evilginx Mastery course with lifetime access for 199 EUR ONLY today! 🤩
Upgrade your phishing skills before Evilginx Pro drops!
🔗Link: academy.breakdev.org/evilginx-mas...
Today I'm running the biggest sale, since the course release in 2023!
Get Evilginx Mastery course with lifetime access for 199 EUR ONLY today! 🤩
Upgrade your phishing skills before Evilginx Pro drops!
🔗Link: academy.breakdev.org/evilginx-mas...
November 28, 2024 at 10:22 PM
🚨 BLACK FRIDAY 50% OFF 24-HOUR SALE 🚨
Today I'm running the biggest sale, since the course release in 2023!
Get Evilginx Mastery course with lifetime access for 199 EUR ONLY today! 🤩
Upgrade your phishing skills before Evilginx Pro drops!
🔗Link: academy.breakdev.org/evilginx-mas...
Today I'm running the biggest sale, since the course release in 2023!
Get Evilginx Mastery course with lifetime access for 199 EUR ONLY today! 🤩
Upgrade your phishing skills before Evilginx Pro drops!
🔗Link: academy.breakdev.org/evilginx-mas...
🚨 The Black Friday sale is coming!
The sale drops at midnight today! (UTC+1)
It will be the biggest sale yet! 🤩
The sale drops at midnight today! (UTC+1)
It will be the biggest sale yet! 🤩
November 28, 2024 at 11:52 AM
🚨 The Black Friday sale is coming!
The sale drops at midnight today! (UTC+1)
It will be the biggest sale yet! 🤩
The sale drops at midnight today! (UTC+1)
It will be the biggest sale yet! 🤩
Reposted by Kuba Gretzky
I want to do a little promotion here as well:
For the dutch people following me: last year me and 2 other folks from HITB dutch crew started orangecon.nl.
Its a nonprofit which focusses on knowledge sharing with affordable trainings followed by a very affordable conference. Do check it out please!
For the dutch people following me: last year me and 2 other folks from HITB dutch crew started orangecon.nl.
Its a nonprofit which focusses on knowledge sharing with affordable trainings followed by a very affordable conference. Do check it out please!
OrangeCon
orangecon.nl
November 27, 2024 at 5:53 PM
I want to do a little promotion here as well:
For the dutch people following me: last year me and 2 other folks from HITB dutch crew started orangecon.nl.
Its a nonprofit which focusses on knowledge sharing with affordable trainings followed by a very affordable conference. Do check it out please!
For the dutch people following me: last year me and 2 other folks from HITB dutch crew started orangecon.nl.
Its a nonprofit which focusses on knowledge sharing with affordable trainings followed by a very affordable conference. Do check it out please!
I'm currently doing super exciting research (that's a joke 😭) trying to decide which invoicing platform with API access to use.
Can anyone confirm if Zoho Books is a good platform or if there is any alternative worth considering?
I'm having the time of my life 😆
Can anyone confirm if Zoho Books is a good platform or if there is any alternative worth considering?
I'm having the time of my life 😆
November 26, 2024 at 12:35 PM
I'm currently doing super exciting research (that's a joke 😭) trying to decide which invoicing platform with API access to use.
Can anyone confirm if Zoho Books is a good platform or if there is any alternative worth considering?
I'm having the time of my life 😆
Can anyone confirm if Zoho Books is a good platform or if there is any alternative worth considering?
I'm having the time of my life 😆
I keep catching myself referring to "Linkin Park" as "LinkedIn Park".
Is it a sign of growing old? 👴
Is it a sign of growing old? 👴
November 22, 2024 at 9:03 AM
I keep catching myself referring to "Linkin Park" as "LinkedIn Park".
Is it a sign of growing old? 👴
Is it a sign of growing old? 👴
Reposted by Kuba Gretzky
Paged Out! #5 is out – enjoy! pagedout.institute
And if you like the cover, we have wallpapers!
And if you like the cover, we have wallpapers!
November 19, 2024 at 9:31 AM
Paged Out! #5 is out – enjoy! pagedout.institute
And if you like the cover, we have wallpapers!
And if you like the cover, we have wallpapers!
Evilginx Pro Update:
Tool is ready and awaits release.
I'm now creating an online shop engine, because why not 😜
I hope one day it becomes Steam for cybersecurity tools with Evilginx Pro its first release, like Half-Life 2 on Steam exactly 20 years ago.
Red team tools unite!
Tool is ready and awaits release.
I'm now creating an online shop engine, because why not 😜
I hope one day it becomes Steam for cybersecurity tools with Evilginx Pro its first release, like Half-Life 2 on Steam exactly 20 years ago.
Red team tools unite!
November 19, 2024 at 4:57 PM
Evilginx Pro Update:
Tool is ready and awaits release.
I'm now creating an online shop engine, because why not 😜
I hope one day it becomes Steam for cybersecurity tools with Evilginx Pro its first release, like Half-Life 2 on Steam exactly 20 years ago.
Red team tools unite!
Tool is ready and awaits release.
I'm now creating an online shop engine, because why not 😜
I hope one day it becomes Steam for cybersecurity tools with Evilginx Pro its first release, like Half-Life 2 on Steam exactly 20 years ago.
Red team tools unite!
Defenders use cross-origin requests through CSS url() or injected JS to leak your phishing URL in the HTTP Referer header.
Today, I've been reminded about the excellent post by Keanu Nys, which contains a lot of great evasion ideas!
insights.spotit.be/2024/06/03/c...
Today, I've been reminded about the excellent post by Keanu Nys, which contains a lot of great evasion ideas!
insights.spotit.be/2024/06/03/c...
Clipping the Canary’s wings: Bypassing AiTM Phishing Detections | Spotit insights
insights.spotit.be
November 18, 2024 at 11:29 AM
Defenders use cross-origin requests through CSS url() or injected JS to leak your phishing URL in the HTTP Referer header.
Today, I've been reminded about the excellent post by Keanu Nys, which contains a lot of great evasion ideas!
insights.spotit.be/2024/06/03/c...
Today, I've been reminded about the excellent post by Keanu Nys, which contains a lot of great evasion ideas!
insights.spotit.be/2024/06/03/c...
Reposted by Kuba Gretzky
November 15, 2024 at 10:17 PM
Does anyone else feel Bluesky has finally solved the notification stacking/clutter problem Twitter has been unable to solve since its beginning?
November 15, 2024 at 12:05 PM
Does anyone else feel Bluesky has finally solved the notification stacking/clutter problem Twitter has been unable to solve since its beginning?
I'm reaching the point where most of the Twitter accounts I followed for news, have migrated to Bluesky.
Soon I may have no reason to go there anymore! 🥳
Soon I may have no reason to go there anymore! 🥳
November 15, 2024 at 9:55 AM
I'm reaching the point where most of the Twitter accounts I followed for news, have migrated to Bluesky.
Soon I may have no reason to go there anymore! 🥳
Soon I may have no reason to go there anymore! 🥳
🎂 BREAKDEV RED launched a year ago on 9th Nov 2023.
It's a closed community for red teamers where every member is approved by hand.
Takeaways:
👫 1203 members approved & joined
🤗 Made lots of new friends
📚 Learned from the best
Thank you for making it extraordinary! 💗
It's a closed community for red teamers where every member is approved by hand.
Takeaways:
👫 1203 members approved & joined
🤗 Made lots of new friends
📚 Learned from the best
Thank you for making it extraordinary! 💗
November 13, 2024 at 9:24 AM
🎂 BREAKDEV RED launched a year ago on 9th Nov 2023.
It's a closed community for red teamers where every member is approved by hand.
Takeaways:
👫 1203 members approved & joined
🤗 Made lots of new friends
📚 Learned from the best
Thank you for making it extraordinary! 💗
It's a closed community for red teamers where every member is approved by hand.
Takeaways:
👫 1203 members approved & joined
🤗 Made lots of new friends
📚 Learned from the best
Thank you for making it extraordinary! 💗
Reposted by Kuba Gretzky
if you’re trying to find the people you follow on twitter, check out @kawamataryo.bsky.social’s www.sky-follower-bridge.dev
it found a full 1/3 of the people i follow. impressive work by the developer, but also impressive to see that that many twitter people are setting up here.
it found a full 1/3 of the people i follow. impressive work by the developer, but also impressive to see that that many twitter people are setting up here.
November 11, 2024 at 3:44 PM
if you’re trying to find the people you follow on twitter, check out @kawamataryo.bsky.social’s www.sky-follower-bridge.dev
it found a full 1/3 of the people i follow. impressive work by the developer, but also impressive to see that that many twitter people are setting up here.
it found a full 1/3 of the people i follow. impressive work by the developer, but also impressive to see that that many twitter people are setting up here.
Early Cascade Injection PoC by C5pider
github.com/Cracked5pide...
Based on research by Outflank:
www.outflank.nl/blog/2024/10...
github.com/Cracked5pide...
Based on research by Outflank:
www.outflank.nl/blog/2024/10...
GitHub - Cracked5pider/earlycascade-injection: early cascade injection PoC based on Outflanks blog post
early cascade injection PoC based on Outflanks blog post - Cracked5pider/earlycascade-injection
github.com
November 8, 2024 at 10:36 AM
Early Cascade Injection PoC by C5pider
github.com/Cracked5pide...
Based on research by Outflank:
www.outflank.nl/blog/2024/10...
github.com/Cracked5pide...
Based on research by Outflank:
www.outflank.nl/blog/2024/10...