At the end of the year, everyone sums up the results, and we decided not to lag behind: we selected the top 10 posts from our Telegram channel PurpleShift that received the most likes in 2025.
The authors of these studies, utilities, and useful cybersecurity tips will, of course, be rewarded! And you, dear readers, can check if you have read all of our top stories:
[1] Pentest Awards, third place in the “Infrastructure Penetration” category (case description)
[2] UnUnicode plugin for converting JSON with escaped characters into a readable format
[3] Security research of the RPC interface
[4] Using hidden and single-character files in attacks on Linux
[5] Promise of security research of the Zigbee protocol (and a separate post — research results)
[6] Pentest Awards, Top-10 prize in the “Infrastructure Penetration” category (case description)
[7] Critical vulnerability in HashiCorp Vault
[8] ParseJsonWithSDDLs utility for checking permissions in DACL access control lists
[9] How to talk to the air without attracting the attention of the orderlies
[10] How to extract secrets from the Windows registry without attracting the attention of EDR
