Many news here in Egypt about a cyber criminal called Abanoub Nady who was providing with Phishing-as-a-Service (PhaaS)
He did over 240 phishing domains for Microsoft only
The funny part, people are saying he is mostly the person who was sending phishing emails with the domain (rnicrosoft.com) "r + n"
Official Microsoft risk management article: https://www.microsoft.com/en-us/security/security-insider/risk-management/egypt-based-cybercriminal-suppliers-websites-seized
He did over 240 phishing domains for Microsoft only
The funny part, people are saying he is mostly the person who was sending phishing emails with the domain (rnicrosoft.com) "r + n"
Official Microsoft risk management article: https://www.microsoft.com/en-us/security/security-insider/risk-management/egypt-based-cybercriminal-suppliers-websites-seized
Microsoft
Microsoft Digital Crimes Unit Targets Cybercrime Key Player | Security Insider
Microsoft's Digital Crimes Unit (DCU) disrupted an Egypt-based phishing campaign by seizing phishing sites. Discover the details of this major operation.
😁7❤3
Forwarded from Android Security & Malware
Flutter SSL Bypass: How to Intercept HTTPS Traffic When all other Frida Scripts Fail
https://m4kr0x.medium.com/flutter-tls-bypass-how-to-intercept-https-traffic-when-all-other-frida-scripts-fail-bd3d04489088
https://m4kr0x.medium.com/flutter-tls-bypass-how-to-intercept-https-traffic-when-all-other-frida-scripts-fail-bd3d04489088
Medium
Flutter SSL Bypass: How to Intercept HTTPS Traffic When all other Frida Scripts Fail
In this article, I’ll walk you through my journey in intercepting HTTPS traffic from a APK based on Flutter during a pentesting engagement…
❤7🔥5👍2
Run full-fledged Linux Distros right on your Android device without rooting.
Official website: https://andronix.app/
Github: https://github.com/AndronixApp
Google play: https://play.google.com/store/apps/details?id=studio.com.techriz.andronix
Official website: https://andronix.app/
Github: https://github.com/AndronixApp
Google play: https://play.google.com/store/apps/details?id=studio.com.techriz.andronix
Andronix App
Install Linux distributions like Ubuntu, Debian, Manjaro and more on your un-rooted Android device.
❤3
Cyber news
TCM Security is running an AI chat bot hacking CTF on
https://ctf.tcmsecurity.com/
The winners are getting 50% discount of the certificates there
Happy hacking
It's easy to solve by the way,I already did it
@reverseengineer101
TCM Security is running an AI chat bot hacking CTF on
https://ctf.tcmsecurity.com/
The winners are getting 50% discount of the certificates there
Happy hacking
It's easy to solve by the way,
@reverseengineer101
❤4🔥3👍2
Cloudflare Turnsite is down so if your website or the website you regularly visit isn't working it's not your problem
Official source from cloudflare: https://www.cloudflarestatus.com/
Official source from cloudflare: https://www.cloudflarestatus.com/
Cloudflarestatus
Cloudflare Status
Welcome to Cloudflare's home for real-time and historical data on system performance.
❤6😢3
reverse engineering
After AWS outage problem many signs are saying that Azure is down in many places of the world, here in Egypt many people/companies claim that they are suffering with Azure services or they can't reach it There is an opinion says all tech companies should…
Well, it should be like this instead of Google's cloud
🤣7🤝6❤1
Gooey
Turn (almost) any Python command line program into a full GUI application with one line
https://github.com/chriskiehl/Gooey/
Turn (almost) any Python command line program into a full GUI application with one line
What is it?
Gooey converts your Console Applications into end-user-friendly GUI applications. It lets you focus on building robust, configurable programs in a familiar way, all without having to worry about how it will be presented to and interacted with by your average user.
https://github.com/chriskiehl/Gooey/
GitHub
GitHub - chriskiehl/Gooey: Turn (almost) any Python command line program into a full GUI application with one line
Turn (almost) any Python command line program into a full GUI application with one line - chriskiehl/Gooey
❤9
This media is not supported in your browser
VIEW IN TELEGRAM
The new Egyptian Nuclear Project
Built Egyptians and Russians on an Egyptian land
🇷🇺🇪🇬🇷🇺🇪🇬
Built Egyptians and Russians on an Egyptian land
🇷🇺🇪🇬🇷🇺🇪🇬
🔥7😱7❤4
New video uploaded !
Intigriti's month (Nov 2025) challenge full walk through
Watch on YouTube
https://youtu.be/ZNYxws_LtWs
Read the write-up on Medium
https://medium.com/@mohamedabozaid961/intigritis-1125-challenge-walk-through-3e3c391f7699
The pdf version is in comments below 👇
@reverseengineer101
Intigriti's month (Nov 2025) challenge full walk through
Watch on YouTube
https://youtu.be/ZNYxws_LtWs
Read the write-up on Medium
https://medium.com/@mohamedabozaid961/intigritis-1125-challenge-walk-through-3e3c391f7699
The pdf version is in comments below 👇
@reverseengineer101
YouTube
Intigriti's 1125 challenge full walk through #ctf #intigriti #challenge
intigriti's Nov 2025 challenge full walk through
You can find the full write up on the pinned comment
You can find the full write up on the pinned comment
👍4💯4🔥2❤1
Prompt injection
Nowadays AI security is crucial, you see most of the websites now add a chat bot based on an AI model and jail breaking it can really leak sensitive data
@reverseengineer101
Nowadays AI security is crucial, you see most of the websites now add a chat bot based on an AI model and jail breaking it can really leak sensitive data
@reverseengineer101
❤8
reverse engineering
Prompt injection Nowadays AI security is crucial, you see most of the websites now add a chat bot based on an AI model and jail breaking it can really leak sensitive data @reverseengineer101
Btw, I forgot to attach this link from OWASP top 10 for LLMs
https://owasp.org/www-project-top-10-for-large-language-model-applications/
https://owasp.org/www-project-top-10-for-large-language-model-applications/
owasp.org
OWASP Top 10 for Large Language Model Applications | OWASP Foundation
Aims to educate developers, designers, architects, managers, and organizations about the potential security risks when deploying and managing Large Language Models (LLMs)
❤9🔥2
Orbstack is a docker alternative
https://orbstack.dev/
@reverseengineer101
OrbStack is the fast, light, and easy way to run Docker containers and Linux. Develop at lightspeed with our Docker Desktop alternative.
https://orbstack.dev/
@reverseengineer101
OrbStack
OrbStack · Fast, light, simple Docker & Linux
Say goodbye to slow, clunky containers and VMs. The fast, light, and easy way to run containers and Linux. Develop at lightspeed with our Docker Desktop alternative.
❤4👏3🔥2
API Sec university is live !
@reverseengineer101
Live Session Alert: API Security Basics - A Bug Hunter's Perspectivein now on discord
Today's Live Discord [Session](https://discord.gg/4X6fXK5B?event=1444365577241104384) is starting in 5 minutes in the https://discord.com/channels/1009112852759593100/1329504546858205314 stage channel.
Join us NOW!
Jo
@reverseengineer101
Discord
Join the APIsec University Discord Server!
This is a community to discuss all things related to API security, get help with APIsec University Courses, or trouble shoot the APIsec Product. Be Kind. Be Professional. Learn. Grow. | 14614 members
👍4❤2
If you have a target that relay on GraphQL always test if the introspection is enabled or not (it shall not be in production systems but sometimes it is) once you enumerate the schema you can go to something like Graphql voyager for better understanding and getting all the relations between the objects or you can read the schema by yourself if it's small, then try to observe the most sensitive fields like users chats or passwords or ... then try to get it then you will find that GraphQL is just returning that to you
The reason why I am writing this because I recently found a massive leakage (user ip addresses, feedback chats, ...)in some crypto wallet
#Cyber_tips
@reverseengineer101
The reason why I am writing this because I recently found a massive leakage (user ip addresses, feedback chats, ...)in some crypto wallet
#Cyber_tips
@reverseengineer101
apis.guru
GraphQL Voyager
Represent any GraphQL API as an interactive graph
❤5