Denny Fischer
@df-sec.bsky.social
IT-Security Consultant | Problem Solver | Father | Twitter: @df_sec (https://twitter.com/df_sec) | Mastodon: @df_sec@infosec.exchange (https://infosec.exchange/@df_sec)
"HELP! MY ACCOUNT GOT HACKED!" - Business Email Compromise (BEC) Part 1

www.truesec.com/hub/blog/hel...

"The Anatomy of a Business Email Compromise Attack" - Business Email Compromise (BEC) Part 2

www.truesec.com/hub/blog/the...

#infosec #blueteam
September 25, 2025 at 5:54 PM
Harden Windows Security is an open source PowerShell module (with GUI/CLI/Unattended mode) that documents, automates and hardens Windows security settings based on supported Microsoft mechanisms

github.com/HotCakeX/Har...

#infosec #blueteam
GitHub - HotCakeX/Harden-Windows-Security: Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Wind...
Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Pers...
github.com
August 29, 2025 at 7:50 PM
Prowler is an open-source security tool that helps assess and enforce security best practices across AWS, Azure, Google Cloud and Kubernetes.

github.com/prowler-clou...

#infosec #blueteam
GitHub - prowler-cloud/prowler: Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuous monitoring, security assessments & audits, incident ...
Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuous monitoring, security assessments & audits, incident response, compliance, har...
github.com
July 22, 2025 at 6:08 PM
Ransomware Tool Matrix by @bushidotoken.net: This repository lists tools used by ransomware gangs. Defenders can detect and block these commonly reused tools to stop intrusions.

github.com/BushidoUK/Ra...

#infosec #blueteam
GitHub - BushidoUK/Ransomware-Tool-Matrix: A resource containing all the tools each ransomware gangs uses
github.com
May 7, 2025 at 3:16 PM
ArgFuscator is an open-source web app that generates obfuscated command lines for common system tools. Great for testing your defenses against real-world attack techniques.

argfuscator.net

#infosec #pentest #redteam #blueteam
ArgFuscator
Generate obfuscated command-line arguments for common system-native executables now with ArgFuscator.
argfuscator.net
March 31, 2025 at 5:28 PM
How well do you protect your privacy?
The Privacy Checkup helps you assess your online surveillance defenses and take steps to protect your data.

privacy-checkup.info (English, Deutsch, Español)

#privacy #infosec
Privacy Checkup: How well do you protect your privacy?
The Privacy Checkup was launched as part of Data Privacy Week 2024 and helps you to determine whether or not you’re sufficiently protecting your data online.
privacy-checkup.info
March 30, 2025 at 2:04 PM
A great read on the exploitation of VMware vulnerabilities - from both attacker and defender perspectives - plus practical recommendations to strengthen your security posture.

"Breaking the Virtual Barrier: From Web-Shell to Ransomware"

www.sygnia.co/threat-repor...

#infosec #blueteam
Breaking the Virtual Barrier: From Web-Shell to Ransomware
Recent VMware vulnerabilities have reignited the threat of VM escapes, enabling attackers to bypass security controls and deploy ransomware. Learn how adversaries exploit these flaws and how to streng...
www.sygnia.co
March 29, 2025 at 8:22 PM
A criminal organization behind more than 75,000 fake shops, >1 million orders & >$50M in damages. A look into their sophisticated system & how they deceive buyers.

#38C3: "Fake-Shops von der Stange: BogusBazaar" with @kaibiermann.bsky.social and kantorkel.
media.ccc.de/v/38c3-fake-...

#infosec
Fake-Shops von der Stange: BogusBazaar
You order online? Of course you order online. But this time your goods are not delivered. Instead, your money...
media.ccc.de
January 2, 2025 at 10:51 AM
"Mastering Sysmon: Deploying, Configuring, and Fine-Tuning"
A free mini eBook for #DFIR professionals with practical steps to deploy, fine-tune, and start logging with Sysmon.

dfirinsights.com/2024/11/27/m...

#infosec #blueteam
Mastering Sysmon free DFIR e-book release - DFIR Insights
Today is the day! I'm announcing the release of my guide: "Mastering Sysmon: Deploying, Configuring, and Fine-Tuning", a free mini eBook designed specifically for digital forensics and incident respon...
dfirinsights.com
December 16, 2024 at 11:18 AM
Reposted by Denny Fischer
What data does the electronic #Patientenakte (patient record) contain, and what does it mean for medical confidentiality?
The electronic patient record (ePA) arrives in January – does opting out make sense? – Datenschutz – Unter dem Radar
Datenschutz – Unter dem Radar
blogs.tu-berlin.de
December 12, 2024 at 11:16 PM
Carseat is a Python implementation of GhostPack's Seatbelt, a situational awareness tool for analyzing Windows security configurations.

github.com/0xthirteen/C...

#infosec #pentest #redteam
GitHub - 0xthirteen/Carseat: Python implementation of GhostPack's Seatbelt situational awareness tool
github.com
December 9, 2024 at 7:21 PM
The fascinating security model of dark web marketplaces by @boehs.org

boehs.org/node/dark-we...

#infosec
The fascinating security model of dark web marketplaces
Captchas, Monero, Scams and absolutely no JavaScript
boehs.org
December 2, 2024 at 8:41 PM
That's a Cybersecurity Advisory worth reading, with many important points to note.

Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization
www.cisa.gov/news-events/...

#infosec #blueteam
Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization | CISA
www.cisa.gov
November 24, 2024 at 1:54 PM
LOLESXi features a comprehensive list of binaries/scripts natively available in VMware ESXi that adversaries have utilised in their operations.

lolesxi-project.github.io/LOLESXi/

#infosec #pentest #redteam #blueteam
LOLESXi
lolesxi-project.github.io
November 8, 2024 at 12:36 PM
Phishing remains one of the most widespread cyberattacks - here are some tips on how to avoid falling victim!

5 Phishing Email Scams and How NOT To Fall For Them
www.huntress.com/blog/5-phish...

#infosec
5 Phishing Email Scams and How NOT To Fall For Them | Huntress
Explore the art of phishing, learn how to spot common phishing scams and red flags, and understand the importance of security awareness training.
www.huntress.com
October 24, 2024 at 12:16 PM
🚨 Exciting news for all hackers and tech enthusiasts! The #DEFCON32 talks are now available on YouTube! 🎉

youtube.com/playlist?lis...

#infosec #pentest #redteam #blueteam
DEF CON 32 Main Stage Talks - YouTube
youtube.com
October 18, 2024 at 6:36 PM
A tool that uses the Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.

github.com/netero1010/E...

#infosec #pentest #redteam
GitHub - netero1010/EDRSilencer: A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
github.com
October 17, 2024 at 5:31 PM
Exciting & entertaining: Every year the #BigBrotherAwards honor the biggest data offenders in business & politics!

BigBrotherAwards 2024: award winners, pictures and livestream at bigbrotherawards.de/2024

Also available in English: bigbrotherawards.de/en/2024

#infosec #BBA24
2024 | BigBrotherAwards
The 24th BigBrotherAwards took place on October 11, 2024 at the Hechelei in Bielefeld. A preliminary version of the livestream can be found on our
bigbrotherawards.de
October 17, 2024 at 11:17 AM
Guidance on Detecting and Mitigating Active Directory Compromises

www.cisa.gov/news-events/...

#infosec #blueteam
ASD’s ACSC, CISA, and US and International Partners Release Guidance on Detecting and Mitigating Active Directory Compromises | CISA
www.cisa.gov
October 16, 2024 at 6:19 PM
SharpExclusionFinder: This C# tool finds Windows Defender folder exclusions using Windows Defender through its command-line tool (MpCmdRun.exe)

github.com/Friends-Secu...

A blog explaining the technique utilised can be viewed here: blog.fndsec.net/2024/10/04/u...

#infosec #pentest #redteam
GitHub - Friends-Security/SharpExclusionFinder: Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without relying on even...
Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without relying on event logs - Friends-Security/SharpExclusionFinder
github.com
October 13, 2024 at 7:07 PM
ConPass: How to do password spraying while minimizing the risk of locking accounts.

Spray passwords, avoid lockouts
en.hackndo.com/password-spr...

#infosec #pentest #redteam
Spray passwords, avoid lockouts
Password spraying is a well-known technique which consists of testing the same password on several accounts. Although the technique seems simple, it’s not easy to put it into practice without side eff...
en.hackndo.com
July 28, 2024 at 7:46 AM
A nice write-up by Rayan Bouyaiche of @mpgn's Active Directory workshop at LeHack 2024. The workshop aimed to compromise an Active Directory environment and become DA of two domains as quickly as possible using only NetExec.

www.rayanle.cat/lehack-2024-...

#infosec #pentest #redteam
LeHack 2024 - NetExec workshop writeup
Like every year at LeHack, I was lucky enough to take part in mpgn's Active Directory workshop. The aim of the workshop was to compromise an Active Directory environment and become a Domain Admin of 2...
www.rayanle.cat
July 19, 2024 at 7:02 PM