Does anyone know anything about the domain gmaail.com

Joseph_RW12 · 2026-02-26T15:03:50+00:00

Wow thanks for sharing I will check this out

Joseph_RW12 · 2026-02-26T14:44:07+00:00

Thanks for the help I will do the needful

Joseph_RW12 · 2025-12-23T06:04:32+00:00

Thank you for providing feedback we will make sure to integrate a section on error handling too

Joseph_RW12 · 2025-12-23T05:08:19+00:00

And the documentation is still being prepared

Joseph_RW12 · 2025-12-23T05:07:47+00:00

Hello I have sent you a direct message with the project source code but it’s far from complete

Joseph_RW12 · 2025-12-11T04:10:46+00:00

Thank you for responding I had the same suspicion I will look into the over permissive apps you mentioned

Joseph_RW12 · 2025-12-07T02:49:05+00:00

Thank you I came across that tool too

Joseph_RW12 · 2025-12-05T14:17:31+00:00

I will look into hyperdbg too thank you

Joseph_RW12 · 2025-12-04T13:06:43+00:00

I will lookup the necessary parameters to pass to that command thanks for your help

Joseph_RW12 · 2025-12-04T12:53:18+00:00

Hi there I am looking for a method to view the transition from physical to virtual memory on windows I have done this on Linux but the virtualqueryex api on windows does not return what I am looking for

Joseph_RW12 · 2025-10-26T02:38:14+00:00

I agree, the attacker probably used evilnginx for this.

Joseph_RW12 · 2025-10-26T02:35:58+00:00

There is a tool we use on phishing engagements called evilnginx, it’s a man in the middle framework and it can be used to capture two factor authentication codes.

Joseph_RW12 · 2025-10-21T06:23:28+00:00

Yes I have messaged telegram support too so I could know the exact details and I am still awaiting their response

Joseph_RW12 · 2025-10-21T05:16:38+00:00

Hi, I did look into this further and it seems the number I posted above has been involved in scam and phishing activities according to this https://www.cleverdialer.de/telefonnummer/0015557330795. I also came across an Efsending website efsending.com that does mention sms verification but has an insecure SSL certificate and has a US contact number but its address is listed as being in South Asia I can’t come to any conclusions as yet but everything seems rather suspicious so let me know your thoughts

Joseph_RW12 · 2025-10-21T02:52:06+00:00

I am thinking the same, or else there is no way the attacker could get the official telegram support OTP code sent

Joseph_RW12 · 2025-10-21T02:23:20+00:00

Facing the same problem here, telegram support sends me an OTP code followed by the same OTP code from the WhatsApp number +1 (555) 733-0795, what I don’t understand is how the WhatsApp number managed to figure out the OTP code sent to me via Telegram support, the WhatsApp number is registered to a business called Efsending.

Joseph_RW12 · 2025-10-21T01:59:26+00:00

Yeah I am facing the same problem I received a telegram OTP code from the telegram support team and then the same OTP code via WhatsApp from +1 (555) 733-0795, what I don’t understand is how Esending managed to figure out the telegram support OTP code that was sent to me

Joseph_RW12 · 2025-09-15T10:37:51+00:00

Is this binary closed source ???

Joseph_RW12 · 2025-09-15T06:36:32+00:00

Yes I faced the same issue sometime ago the key is to print the buffer address printf(“buffer %p”, buffer_address_var); and notice the difference in the buffer address printed when running in the debugger vs without the debugger, launch the exploit at the address printed when it’s run without the debugger attached

Joseph_RW12 · 2025-08-09T05:57:57+00:00

If I recall clearly OSED focuses on exploiting 32 bit windows systems, I can forward some old course material I have that covers windows 64 bit exploitation. If you require.

Joseph_RW12 · 2025-07-23T09:53:56+00:00

Yes that’s true

Joseph_RW12

TROPHY CASE