Dino
@dinodunn.bsky.social
Security Engineer with a caffeine and book addiction
www.youtube.com/watch?v=pRij... - This was a really really good break down on Kerberoasting for Blue Teams highly recommend to any folks looking to understand how to triage a Kerberoasting attack.
#cybersecurity
#cybersecurity
Threat Watch: Spotting Kerberoasting from a blue team perspective | Learn with HTB
YouTube video by Hack The Box
www.youtube.com
November 21, 2025 at 6:03 PM
www.youtube.com/watch?v=pRij... - This was a really really good break down on Kerberoasting for Blue Teams highly recommend to any folks looking to understand how to triage a Kerberoasting attack.
#cybersecurity
#cybersecurity
www.exploit-db.com/google-hacki... Kind of neat I didn't know Offsec kept a database of useful google dorks
#cybersecurity #OSINT
#cybersecurity #OSINT
OffSec’s Exploit Database Archive
The GHDB is an index of search queries (we call them dorks) used to find publicly available information, intended for pentesters and security researchers.
www.exploit-db.com
November 21, 2025 at 4:16 PM
www.exploit-db.com/google-hacki... Kind of neat I didn't know Offsec kept a database of useful google dorks
#cybersecurity #OSINT
#cybersecurity #OSINT
November 20, 2025 at 7:12 PM
github.com/Pennyw0rth/N... I feel a netexec theme today apparently. This is a netexec lab you can build to play around with Active directory. may be worth a shot if you are practicing for OSCP or just want to level up AD #ActiveDirectory #RedTeam #Netexec
GitHub - Pennyw0rth/NetExec-Lab: Lab used for workshop and CTF
Lab used for workshop and CTF. Contribute to Pennyw0rth/NetExec-Lab development by creating an account on GitHub.
github.com
November 13, 2025 at 5:35 PM
github.com/Pennyw0rth/N... I feel a netexec theme today apparently. This is a netexec lab you can build to play around with Active directory. may be worth a shot if you are practicing for OSCP or just want to level up AD #ActiveDirectory #RedTeam #Netexec
github.com/The-Viper-On... Pretty cool tool if you are doing red teaming from a windows host. Great to add in for Commando VM from Mandiant #redteam #cyber #tool Basically it is crackmap/netexec just built in Powershell.
Home
Dominate Active Directory with PowerShell. . Contribute to The-Viper-One/PsMapExec development by creating an account on GitHub.
github.com
November 13, 2025 at 4:56 PM
github.com/The-Viper-On... Pretty cool tool if you are doing red teaming from a windows host. Great to add in for Commando VM from Mandiant #redteam #cyber #tool Basically it is crackmap/netexec just built in Powershell.
@tcmsecurity.bsky.social just dropped their new SOC200 course great for anyone looking to build labs and get better at incident response and threat hunting.
certifications.tcm-sec.com/psap/?utm_so...
certifications.tcm-sec.com/psap/?utm_so...
Practical SOC Analyst Professional (PSAP) Certification - TCM Security
Enhance your SOC Analyst skills by earning the Practical SOC Analyst Professional (PSAP) certification. Includes training and one free retake!
certifications.tcm-sec.com
November 7, 2025 at 6:09 PM
@tcmsecurity.bsky.social just dropped their new SOC200 course great for anyone looking to build labs and get better at incident response and threat hunting.
certifications.tcm-sec.com/psap/?utm_so...
certifications.tcm-sec.com/psap/?utm_so...
cset.georgetown.edu/article/ai-r... - Great article on Ai Red teaming #Cybersecurity #AI #AIsecurity
AI Red-Teaming Design: Threat Models and Tools | Center for Security and Emerging Technology
Red-teaming is a popular evaluation methodology for AI systems, but it is still severely lacking in theoretical grounding and technical best practices. This blog introduces the concept of threat model...
cset.georgetown.edu
October 27, 2025 at 3:34 PM
cset.georgetown.edu/article/ai-r... - Great article on Ai Red teaming #Cybersecurity #AI #AIsecurity
www.vulncheck.com/blog/state-o... some great threat intel from Vulncheck
State of Exploitation - A look Into The 1H-2025 Vulnerability Exploitation & Threat Activity | Blog | VulnCheck
A Look into the Last 6-months of Vulnerability Exploitation… January-June 2025
www.vulncheck.com
July 31, 2025 at 2:55 PM
www.vulncheck.com/blog/state-o... some great threat intel from Vulncheck
open.spotify.com/episode/1fEa... - North Korean's inflitrating US companies for cash is pretty big news right now and also pretty fascinating. This story is about one of the folks who manage a north Korean laptop farm and its pretty interesting.
#Cybersecurity #Laptopfarm
#Cybersecurity #Laptopfarm
The Everyday American Who Hustled for North Korea
The Journal. · Episode
open.spotify.com
June 4, 2025 at 2:48 PM
open.spotify.com/episode/1fEa... - North Korean's inflitrating US companies for cash is pretty big news right now and also pretty fascinating. This story is about one of the folks who manage a north Korean laptop farm and its pretty interesting.
#Cybersecurity #Laptopfarm
#Cybersecurity #Laptopfarm
www.hackthelogs.com/mainpage.html Another great resource for Detection Engineers and anyone working with SIEM's
#Cybersecurity
#Cybersecurity
www.hackthelogs.com
June 3, 2025 at 4:48 PM
www.hackthelogs.com/mainpage.html Another great resource for Detection Engineers and anyone working with SIEM's
#Cybersecurity
#Cybersecurity
Really cool one for anyone in Appsec or red team awesome XSS cheat sheet from PortSwigger.
portswigger.net/web-security...
#Cybersecurity #Cheatsheet #Appsec
portswigger.net/web-security...
#Cybersecurity #Cheatsheet #Appsec
Cross-Site Scripting (XSS) Cheat Sheet - 2025 Edition | Web Security Academy
Interactive cross-site scripting (XSS) cheat sheet for 2025, brought to you by PortSwigger. Actively maintained, and regularly updated with new vectors.
portswigger.net
June 3, 2025 at 4:43 PM
Really cool one for anyone in Appsec or red team awesome XSS cheat sheet from PortSwigger.
portswigger.net/web-security...
#Cybersecurity #Cheatsheet #Appsec
portswigger.net/web-security...
#Cybersecurity #Cheatsheet #Appsec
cvemon.intruder.io - Great tool for any folks in Vulnerability Management. Helpful to see whats going on in CVE's.
#VulnManagement #cybersecurity
#VulnManagement #cybersecurity
Top CVE Trends & Expert Vulnerability Insights
Stay ahead with the latest insights on trending vulnerabilities. Discover today's top 10 CVEs on social media. Get free and expert commentary from Intruder
cvemon.intruder.io
May 28, 2025 at 8:29 PM
cvemon.intruder.io - Great tool for any folks in Vulnerability Management. Helpful to see whats going on in CVE's.
#VulnManagement #cybersecurity
#VulnManagement #cybersecurity
academy.hackthebox.com/path/preview... - Killer resource for anyone in Cybersecurity looking to level up their skills on AI security!
#AIsecurity #cybersecurity #redTeam
#AIsecurity #cybersecurity #redTeam
AI Red Teamer Job Role Path | HTB Academy
The AI Red Teamer Job Role Path, in collaboration with Google, trains cybersecurity professionals to assess, exploit, and secure AI systems. Covering prompt...
academy.hackthebox.com
May 28, 2025 at 8:28 PM
academy.hackthebox.com/path/preview... - Killer resource for anyone in Cybersecurity looking to level up their skills on AI security!
#AIsecurity #cybersecurity #redTeam
#AIsecurity #cybersecurity #redTeam
Reposted by Dino
New Darwin Awards 2025 nominee:
A Russian space academy cadet created a tool to access classified data on the Russian MOD network and was selling it for only $100 on Russia's biggest classified ads portal
He was arrested by the FSB last week
t.me/voenpravoru/...
A Russian space academy cadet created a tool to access classified data on the Russian MOD network and was selling it for only $100 on Russia's biggest classified ads portal
He was arrested by the FSB last week
t.me/voenpravoru/...
Правовой уголок офицера
🪖 // Скандал в Военно-космической академии: курсант задержан за взлом защищенной информации
Курсант Военно-космической академии имени А.Ф. Можайского разработал программу, способную взламывать защит...
t.me
May 12, 2025 at 9:31 PM
New Darwin Awards 2025 nominee:
A Russian space academy cadet created a tool to access classified data on the Russian MOD network and was selling it for only $100 on Russia's biggest classified ads portal
He was arrested by the FSB last week
t.me/voenpravoru/...
A Russian space academy cadet created a tool to access classified data on the Russian MOD network and was selling it for only $100 on Russia's biggest classified ads portal
He was arrested by the FSB last week
t.me/voenpravoru/...
medium.com/@dub-flow/ho... Great into for secure code review along with some resources to help folks get better at it #cybersecurity #code
How to Get Started with Secure Code Review
Since starting my secure code review challenges in December 2023 (https://github.com/dub-flow/secure-code-review-challenges), many people…
medium.com
March 14, 2025 at 3:01 PM
medium.com/@dub-flow/ho... Great into for secure code review along with some resources to help folks get better at it #cybersecurity #code
orange-cyberdefense.github.io/ocd-mindmaps... such a cool Active Directory min map for offensive security
#Activdirectory #cybersecurity #redteam
#Activdirectory #cybersecurity #redteam
orange-cyberdefense.github.io
March 11, 2025 at 9:46 PM
orange-cyberdefense.github.io/ocd-mindmaps... such a cool Active Directory min map for offensive security
#Activdirectory #cybersecurity #redteam
#Activdirectory #cybersecurity #redteam
academy.hackthebox.com/path/preview... - This is virtually free @hackthebox.bsky.social silly cube payment system makes me feel like im a kid at Chuck-E-Cheese again BUT the content is excellent and great for anyone starting from the ground up in AI red teaming #AI #infosec #Cybersecurity
AI Red Teamer Job Role Path | HTB Academy
The AI Red Teamer Job Role Path, in collaboration with Google, trains cybersecurity professionals to assess, exploit, and secure AI systems. Covering prompt...
academy.hackthebox.com
February 5, 2025 at 6:29 AM
academy.hackthebox.com/path/preview... - This is virtually free @hackthebox.bsky.social silly cube payment system makes me feel like im a kid at Chuck-E-Cheese again BUT the content is excellent and great for anyone starting from the ground up in AI red teaming #AI #infosec #Cybersecurity
www.npr.org/sections/pla... - This is a pretty good read on #AI. Simply put the comparison is to coal back in England in the 1800s as efficiency increased the common thought was consumption would decrease. But instead there was a rebound effect. Some are pondering if this will be the same for AI/LLM
Why the AI world is suddenly obsessed with a 160-year-old economics paradox
The primer on Jevons paradox that you didn't know you needed.
www.npr.org
February 5, 2025 at 6:04 AM
www.npr.org/sections/pla... - This is a pretty good read on #AI. Simply put the comparison is to coal back in England in the 1800s as efficiency increased the common thought was consumption would decrease. But instead there was a rebound effect. Some are pondering if this will be the same for AI/LLM
cloud.google.com/blog/topics/... - great read from Google on Adversarial misuse of Gen AI and what they have been seeing from threat actors lately.
Too many cool take aways to fit them all in
#infosec #cybersecurity #AIsecurity
Too many cool take aways to fit them all in
#infosec #cybersecurity #AIsecurity
Adversarial Misuse of Generative AI | Google Cloud Blog
We share our findings on government-backed and information operations threat actor use of the Gemini web application.
cloud.google.com
January 29, 2025 at 3:47 PM
cloud.google.com/blog/topics/... - great read from Google on Adversarial misuse of Gen AI and what they have been seeing from threat actors lately.
Too many cool take aways to fit them all in
#infosec #cybersecurity #AIsecurity
Too many cool take aways to fit them all in
#infosec #cybersecurity #AIsecurity
www.ransomware.live/vulns This is such a cool site if you are in CTI and not using it I think it can easily make it into your weekly checks. Beyond the great wealth of Ransomware data they just added some of @bushidotoken.net's CVE,TOOLS and TTP's matrix.
#CTI #threatintel #cybersecurity
#CTI #threatintel #cybersecurity
Ransomware.live 👀
Ransomware.live tracks ransomware groups and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on the groups' infrastructure, victims, and payment demands. It also includes a live map that shows the latest ransomware attacks.
www.ransomware.live
January 28, 2025 at 9:37 PM
www.ransomware.live/vulns This is such a cool site if you are in CTI and not using it I think it can easily make it into your weekly checks. Beyond the great wealth of Ransomware data they just added some of @bushidotoken.net's CVE,TOOLS and TTP's matrix.
#CTI #threatintel #cybersecurity
#CTI #threatintel #cybersecurity
www.kelacyber.com/blog/deepsee... - Great read on DeepSeek security flaws. personal experience it is a little bit easier to jailbreak than others which can pose some risk. Though I do feel there is a bit of overblown hype around some aspects.
#cybersecurit #AI #llm
#cybersecurit #AI #llm
DeepSeek R1 Exposed: Security Flaws in China’s AI Model
Discover the security flaws in DeepSeek R1, a Chinese AI model with advanced reasoning capabilities. KELA's analysis reveals vulnerabilities, outdated safeguards, and privacy risks, emphasizing the ne...
www.kelacyber.com
January 28, 2025 at 9:34 PM
www.kelacyber.com/blog/deepsee... - Great read on DeepSeek security flaws. personal experience it is a little bit easier to jailbreak than others which can pose some risk. Though I do feel there is a bit of overblown hype around some aspects.
#cybersecurit #AI #llm
#cybersecurit #AI #llm
buckets.grayhatwarfare.com - This is a pretty neat search engine for open/public/misconfigured buckets both S3 and any other S3 similar cloud product (Digital Ocean, Azure Blob, Google Drive etc.)
#cybersecurity #CloudSecurity #security #infosec
#cybersecurity #CloudSecurity #security #infosec
Public Buckets by GrayhatWarfare
buckets.grayhatwarfare.com
December 5, 2024 at 9:39 PM
buckets.grayhatwarfare.com - This is a pretty neat search engine for open/public/misconfigured buckets both S3 and any other S3 similar cloud product (Digital Ocean, Azure Blob, Google Drive etc.)
#cybersecurity #CloudSecurity #security #infosec
#cybersecurity #CloudSecurity #security #infosec
github.com/lkarlslund/n... - Nuke it from orbit is a pretty neat concept of removing AV/EDR when you have physical access to a machine might be fun to play around with but also use with care 😁
GitHub - lkarlslund/nifo: Nuke It From Orbit - remove AV/EDR with physical access
Nuke It From Orbit - remove AV/EDR with physical access - lkarlslund/nifo
github.com
December 2, 2024 at 11:36 PM
github.com/lkarlslund/n... - Nuke it from orbit is a pretty neat concept of removing AV/EDR when you have physical access to a machine might be fun to play around with but also use with care 😁
www.humblebundle.com/books/hackin... - Killer bundle of books for $20 from humble bundle evading EDR and windows security internals such a good deal for anyone in Cybersecurity.
#cybersecuriry #infosec #Hacking
#cybersecuriry #infosec #Hacking
Humble Tech Book Bundle: Hacking 2024 by No Starch
Level up your hacking and skills with this tech bundle from No Starch. Learn to protect yourself and others! Pay what you want & support charity!
www.humblebundle.com
December 2, 2024 at 8:48 PM
www.humblebundle.com/books/hackin... - Killer bundle of books for $20 from humble bundle evading EDR and windows security internals such a good deal for anyone in Cybersecurity.
#cybersecuriry #infosec #Hacking
#cybersecuriry #infosec #Hacking
www.elastic.co/security-lab... - great read on maturity model for Detection Engineering.
#infosec #cybersecurity #cyber #Detection
#infosec #cybersecurity #cyber #Detection
Elastic releases the Detection Engineering Behavior Maturity Model — Elastic Security Labs
Using this maturity model, security teams can make structured, measurable, and iteritive improvements to their detection engineering teams..
www.elastic.co
November 29, 2024 at 8:50 PM
www.elastic.co/security-lab... - great read on maturity model for Detection Engineering.
#infosec #cybersecurity #cyber #Detection
#infosec #cybersecurity #cyber #Detection