@jessefmoore.bsky.social
Reposted
The final scores for WRCCDC's Invitational #2 which had over 30 teams participating! See you all at the next Invitational in a couple weeks. If you haven't registered please sign up as soon as possible, spots are almost full!
[Note: Volunteer School Teams have been removed from this chart]
[Note: Volunteer School Teams have been removed from this chart]
November 4, 2025 at 3:38 AM
The final scores for WRCCDC's Invitational #2 which had over 30 teams participating! See you all at the next Invitational in a couple weeks. If you haven't registered please sign up as soon as possible, spots are almost full!
[Note: Volunteer School Teams have been removed from this chart]
[Note: Volunteer School Teams have been removed from this chart]
Reposted
New SiegeCast "Cloud Pentesting Part 2" coming 9/30! Catch up on "Cloud Pentesting Part 1" from Security Consultants Douglas Berdeaux and Stuart Rorer🔗 youtu.be/5V6p9cZ9OuQ?...
#hacking #infosec #cybersecurity
#hacking #infosec #cybersecurity
September 4, 2025 at 6:43 PM
New SiegeCast "Cloud Pentesting Part 2" coming 9/30! Catch up on "Cloud Pentesting Part 1" from Security Consultants Douglas Berdeaux and Stuart Rorer🔗 youtu.be/5V6p9cZ9OuQ?...
#hacking #infosec #cybersecurity
#hacking #infosec #cybersecurity
Reposted
We've got a fresh #BloodHoundBasics post from @jonas-bk.bsky.social!
Ever wondered about those obscure AD special identity groups that quietly grant permissions to every principal in your environment?
With BloodHound, you can uncover compromising permissions tied to these groups.
🧵: 1/2
Ever wondered about those obscure AD special identity groups that quietly grant permissions to every principal in your environment?
With BloodHound, you can uncover compromising permissions tied to these groups.
🧵: 1/2
September 5, 2025 at 6:28 PM
We've got a fresh #BloodHoundBasics post from @jonas-bk.bsky.social!
Ever wondered about those obscure AD special identity groups that quietly grant permissions to every principal in your environment?
With BloodHound, you can uncover compromising permissions tied to these groups.
🧵: 1/2
Ever wondered about those obscure AD special identity groups that quietly grant permissions to every principal in your environment?
With BloodHound, you can uncover compromising permissions tied to these groups.
🧵: 1/2
Reposted
September 8, 2025 at 1:44 PM
Reposted
Interested in helping make competitions? Building scenarios and making cool environments for college students to use and compete in? Sign up to join WRCCDC's Operations Team! forms.gle/sVC35YvcwE9E...
We will be starting soon so sign up today!
We will be starting soon so sign up today!
WRCCDC Volunteer Interest Form
Welcome! You are here because you indicated your interest in volunteering to build and make the Western Regional Collegiate Competition. You will build scenarios, networks, and systems that will help...
forms.gle
August 19, 2025 at 11:53 PM
Interested in helping make competitions? Building scenarios and making cool environments for college students to use and compete in? Sign up to join WRCCDC's Operations Team! forms.gle/sVC35YvcwE9E...
We will be starting soon so sign up today!
We will be starting soon so sign up today!
Yo! Practice Pentesting, Red Teaming, and MalDev in Ludus!🥰😎👻
Stop testing in prod (even someone else's)! Are you tired of installing Active Directory on your test VMs for the 100th time? Ever YOLO a binary off GitHub into prod because your testing setup is tedious? I've built a solution: ludus.cloud
(1/5)
(1/5)
Ludus
The easiest way to deploy testing infrastructure
ludus.cloud
August 8, 2025 at 2:10 AM
Yo! Practice Pentesting, Red Teaming, and MalDev in Ludus!🥰😎👻
Reposted
Black Hat is done, now it's time for the final con of the week, and probably the best.
August 8, 2025 at 12:51 AM
Black Hat is done, now it's time for the final con of the week, and probably the best.
Reposted
Come play in one of the two Kubernetes Capture the Flag events we're facilitating at #DEFCON 33!
Fri – Sun : Learning CTF w/ Walkthrough
Saturday: Competitive CTF
First Place Prize (for a team on-site at DEF CON) is a Bambu Labs A1 Mini 3D printer!
containersecurityctf.com
@defcon.bsky.social
Fri – Sun : Learning CTF w/ Walkthrough
Saturday: Competitive CTF
First Place Prize (for a team on-site at DEF CON) is a Bambu Labs A1 Mini 3D printer!
containersecurityctf.com
@defcon.bsky.social
Container Security Capture the Flag
Container Security Capture the Flag
containersecurityctf.com
August 7, 2025 at 12:32 AM
Come play in one of the two Kubernetes Capture the Flag events we're facilitating at #DEFCON 33!
Fri – Sun : Learning CTF w/ Walkthrough
Saturday: Competitive CTF
First Place Prize (for a team on-site at DEF CON) is a Bambu Labs A1 Mini 3D printer!
containersecurityctf.com
@defcon.bsky.social
Fri – Sun : Learning CTF w/ Walkthrough
Saturday: Competitive CTF
First Place Prize (for a team on-site at DEF CON) is a Bambu Labs A1 Mini 3D printer!
containersecurityctf.com
@defcon.bsky.social
Reposted
In Vegas for hacker summer camp and trying to get food without breaking the bank? I vibed a simple map site: defconfood.badsectorlabs.com
Come see Ludus at the embedded Systems Village - hack an IP camera, see the new UI, and get a sticker!
Come see Ludus at the embedded Systems Village - hack an IP camera, see the new UI, and get a sticker!
DEF CON Las Vegas Food Map
defconfood.badsectorlabs.com
August 7, 2025 at 8:50 PM
In Vegas for hacker summer camp and trying to get food without breaking the bank? I vibed a simple map site: defconfood.badsectorlabs.com
Come see Ludus at the embedded Systems Village - hack an IP camera, see the new UI, and get a sticker!
Come see Ludus at the embedded Systems Village - hack an IP camera, see the new UI, and get a sticker!
Reposted
VMware Tools LPE (@justbronzebee), Adaptix C2 0.7 (@hacker_ralf), Ludus MCP (@__Mastadon), SOAP(y) (@_logangoins), and more!
blog.badsectorlabs.com/last-week-in...
blog.badsectorlabs.com/last-week-in...
Last Week in Security (LWiS) - 2025-07-28
VMware Tools LPE (@justbronzebee), Adaptix C2 0.7 (@hacker_ralf), Ludus MCP (@__Mastadon), SOAP(y) (@_logangoins), and more!
blog.badsectorlabs.com
July 29, 2025 at 3:58 PM
VMware Tools LPE (@justbronzebee), Adaptix C2 0.7 (@hacker_ralf), Ludus MCP (@__Mastadon), SOAP(y) (@_logangoins), and more!
blog.badsectorlabs.com/last-week-in...
blog.badsectorlabs.com/last-week-in...
Reposted
In-person ATT&CKcon 6.0 ticket sales are open! Come join us October 14-15 at ATT&CK HQ in McLean, VA. na.eventscloud.com/attackcon6/
We're almost set to announce this year's exciting speaker lineup and will open virtual registration Sep 3rd, so stay tuned!
We're almost set to announce this year's exciting speaker lineup and will open virtual registration Sep 3rd, so stay tuned!
ATT&CKcon 6.0
MITRE ATT&CKcon | October 14 - 15, 2025
na.eventscloud.com
July 30, 2025 at 4:01 PM
In-person ATT&CKcon 6.0 ticket sales are open! Come join us October 14-15 at ATT&CK HQ in McLean, VA. na.eventscloud.com/attackcon6/
We're almost set to announce this year's exciting speaker lineup and will open virtual registration Sep 3rd, so stay tuned!
We're almost set to announce this year's exciting speaker lineup and will open virtual registration Sep 3rd, so stay tuned!
Reposted
Red teamers know the drill: endless file churning, hunting for passwords & tokens. 🔍
Meet DeepPass2, our new secret scanning tool that goes beyond structured tokens to catch those tricky free-form passwords too. Read Neeraj Gupta's blog post for more. ghst.ly/40HLNNA
Meet DeepPass2, our new secret scanning tool that goes beyond structured tokens to catch those tricky free-form passwords too. Read Neeraj Gupta's blog post for more. ghst.ly/40HLNNA
What’s Your Secret?: Secret Scanning by DeepPass2 - SpecterOps
Discover DeepPass2 - a secret scanning tool combining BERT-based model and LLMs to detect free-form passwords, and other structured tokens and secrets with high accuracy.
ghst.ly
July 31, 2025 at 5:36 PM
Red teamers know the drill: endless file churning, hunting for passwords & tokens. 🔍
Meet DeepPass2, our new secret scanning tool that goes beyond structured tokens to catch those tricky free-form passwords too. Read Neeraj Gupta's blog post for more. ghst.ly/40HLNNA
Meet DeepPass2, our new secret scanning tool that goes beyond structured tokens to catch those tricky free-form passwords too. Read Neeraj Gupta's blog post for more. ghst.ly/40HLNNA
Reposted
Greetings, luminous humans of #defcon! Welcome to the last weekend before #DEFCON33!
Join us Thursday from 7:30 to 10:30 at the Sahara for the KEVOPS Sellout Pool Party! Refreshing pool, delicious tacos, and DEF CON DJ’s on the ones and twos. DEF CON badge required for entry.
See you there.
Join us Thursday from 7:30 to 10:30 at the Sahara for the KEVOPS Sellout Pool Party! Refreshing pool, delicious tacos, and DEF CON DJ’s on the ones and twos. DEF CON badge required for entry.
See you there.
August 1, 2025 at 9:32 PM
Reposted
The ATT&CK team is out at #hackersummercamp and happy to chat, meet up, or just share some stickers. Drop a DM or stop by an appearance if you’re interested in saying hi!
Headed for Vegas for @bsideslv.org, @defcon.bsky.social, and @blackhatevents.bsky.social! I have hundreds of @attack.mitre.org stickers and will be popping up Friday 11am on DEF CON Creator Stage 2 (defcon.org/html/defcon-...), and for a short talk in the AttackIQ BH booth (#5030) Wed 11am.
defcon.org
August 5, 2025 at 2:20 PM
The ATT&CK team is out at #hackersummercamp and happy to chat, meet up, or just share some stickers. Drop a DM or stop by an appearance if you’re interested in saying hi!
Reposted
BloodHound 8.0 debuts with major upgrades in attack path management
📖 Read more: www.helpnetsecurity.com/2025/08/05/b...
#cybersecurity #cybersecuritynews #opensource @specterops.io
📖 Read more: www.helpnetsecurity.com/2025/08/05/b...
#cybersecurity #cybersecuritynews #opensource @specterops.io
BloodHound 8.0 debuts with major upgrades in attack path management - Help Net Security
BloodHound 8.0, the open-source Attack Path Management platform, features major enhancements and expanded capabilities.
www.helpnetsecurity.com
August 5, 2025 at 12:11 PM
BloodHound 8.0 debuts with major upgrades in attack path management
📖 Read more: www.helpnetsecurity.com/2025/08/05/b...
#cybersecurity #cybersecuritynews #opensource @specterops.io
📖 Read more: www.helpnetsecurity.com/2025/08/05/b...
#cybersecurity #cybersecuritynews #opensource @specterops.io
Reposted
Last LWIS before DEF CON. Come see us in the Embedded Systems Village where we have a mini-workshop hosting an emulated camera on Ludus for you to hack!
blog.badsectorlabs.com/last-week-in...
blog.badsectorlabs.com/last-week-in...
Last Week in Security (LWiS) - 2025-08-04
AEM RCE (@infosec_au), Intune cert abuse (@_dirkjan), Entra tradecraft (@hotnops), LLMs for R&D (@kyleavery_), File System API research (@Print3M_), and more!
blog.badsectorlabs.com
August 5, 2025 at 3:47 PM
Last LWIS before DEF CON. Come see us in the Embedded Systems Village where we have a mini-workshop hosting an emulated camera on Ludus for you to hack!
blog.badsectorlabs.com/last-week-in...
blog.badsectorlabs.com/last-week-in...
Reposted
During my #BHUSA talk I've released many ETW research tools, of which the most notable is BamboozlEDR. This tool allows you to inject events into ETW, allowing you to generate fake alerts and blind EDRs.
github.com/olafhartong/...
Slides available here:
github.com/olafhartong/...
github.com/olafhartong/...
Slides available here:
github.com/olafhartong/...
GitHub - olafhartong/BamboozlEDR: A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes.
A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes. - olafhartong/BamboozlEDR
github.com
August 6, 2025 at 8:49 PM
During my #BHUSA talk I've released many ETW research tools, of which the most notable is BamboozlEDR. This tool allows you to inject events into ETW, allowing you to generate fake alerts and blind EDRs.
github.com/olafhartong/...
Slides available here:
github.com/olafhartong/...
github.com/olafhartong/...
Slides available here:
github.com/olafhartong/...
Reposted
So, here's a little thread on my new open source project:
The Tradecraft Garden.
tradecraftgarden.org
It's Crystal Palace, an open-source linker and linker script specialized to writing PIC DLL loaders.
And, a corpora of DLL loaders demonstrating design patterns building tradecraft with it.
The Tradecraft Garden.
tradecraftgarden.org
It's Crystal Palace, an open-source linker and linker script specialized to writing PIC DLL loaders.
And, a corpora of DLL loaders demonstrating design patterns building tradecraft with it.
June 5, 2025 at 2:36 PM
So, here's a little thread on my new open source project:
The Tradecraft Garden.
tradecraftgarden.org
It's Crystal Palace, an open-source linker and linker script specialized to writing PIC DLL loaders.
And, a corpora of DLL loaders demonstrating design patterns building tradecraft with it.
The Tradecraft Garden.
tradecraftgarden.org
It's Crystal Palace, an open-source linker and linker script specialized to writing PIC DLL loaders.
And, a corpora of DLL loaders demonstrating design patterns building tradecraft with it.
Reposted
Reposted
Getting started w/ Mythic? We've got you covered.
@its-a-feature.bsky.social walks through the web UI basics, login process, & how to configure your default username/password. Check it out! ▶️ ghst.ly/user-interface
Watch the full series: ghst.ly/mythic-op
@its-a-feature.bsky.social walks through the web UI basics, login process, & how to configure your default username/password. Check it out! ▶️ ghst.ly/user-interface
Watch the full series: ghst.ly/mythic-op
April 17, 2025 at 8:12 PM
Getting started w/ Mythic? We've got you covered.
@its-a-feature.bsky.social walks through the web UI basics, login process, & how to configure your default username/password. Check it out! ▶️ ghst.ly/user-interface
Watch the full series: ghst.ly/mythic-op
@its-a-feature.bsky.social walks through the web UI basics, login process, & how to configure your default username/password. Check it out! ▶️ ghst.ly/user-interface
Watch the full series: ghst.ly/mythic-op
Reposted
It's #BloodHoundBasics day!
Let's talk Tier 0 inheritance. If you're trying to unravel why some of the objects in your environment show up as Tier 0, this query will demonstrate the nuances of inheritance in 2 ways: inheritance up w/ OUs, & inheritance down w/ Groups.
🧵 1/3
Let's talk Tier 0 inheritance. If you're trying to unravel why some of the objects in your environment show up as Tier 0, this query will demonstrate the nuances of inheritance in 2 ways: inheritance up w/ OUs, & inheritance down w/ Groups.
🧵 1/3
April 18, 2025 at 5:51 PM
It's #BloodHoundBasics day!
Let's talk Tier 0 inheritance. If you're trying to unravel why some of the objects in your environment show up as Tier 0, this query will demonstrate the nuances of inheritance in 2 ways: inheritance up w/ OUs, & inheritance down w/ Groups.
🧵 1/3
Let's talk Tier 0 inheritance. If you're trying to unravel why some of the objects in your environment show up as Tier 0, this query will demonstrate the nuances of inheritance in 2 ways: inheritance up w/ OUs, & inheritance down w/ Groups.
🧵 1/3
Reposted
This has been a LONG time coming! This is just the beginning though :) I'll be recording more videos for updates, new features, workflow enhancements, and yes - a developer series too! Be sure to let me know what you do/don't like about this format and what kinds of things you'd like to see!
Mastering Mythic doesn't have to be complicated. 😵💫
Check out our operator-focused video series w/ @its-a-feature.bsky.social, which cuts through the noise & delivers exactly what you need to customize & leverage Mythic effectively.
👀: ghst.ly/mythic-op
Check out our operator-focused video series w/ @its-a-feature.bsky.social, which cuts through the noise & delivers exactly what you need to customize & leverage Mythic effectively.
👀: ghst.ly/mythic-op
April 15, 2025 at 8:14 PM
This has been a LONG time coming! This is just the beginning though :) I'll be recording more videos for updates, new features, workflow enhancements, and yes - a developer series too! Be sure to let me know what you do/don't like about this format and what kinds of things you'd like to see!
Congratulations 🥳 to the top 3 teams at #PRCCDC!
1st Oregon State University
2nd George Fox University
3rd The Evergreen State College
---------------------------
Oregon State University
George Fox University
The Evergreen State College
Thank you National Collegiate Cyber Defense Competition!
1st Oregon State University
2nd George Fox University
3rd The Evergreen State College
---------------------------
Oregon State University
George Fox University
The Evergreen State College
Thank you National Collegiate Cyber Defense Competition!
March 24, 2025 at 6:24 PM
Congratulations 🥳 to the top 3 teams at #PRCCDC!
1st Oregon State University
2nd George Fox University
3rd The Evergreen State College
---------------------------
Oregon State University
George Fox University
The Evergreen State College
Thank you National Collegiate Cyber Defense Competition!
1st Oregon State University
2nd George Fox University
3rd The Evergreen State College
---------------------------
Oregon State University
George Fox University
The Evergreen State College
Thank you National Collegiate Cyber Defense Competition!