Scoubi
@scoubi.bsky.social
Infosec, Detection Engineering, Threat Research, Threat Hunting, OffSec, Conference Organizer.
Pinned
Scoubi
@scoubi.bsky.social
· Jul 10
DEATHcon Montreal - On Site
2 days of hands-on Detection Engineering and Threat Hunting workshops! Join us Live in Montreal.
eventbrite.ca
Tickets for #DEATHcon in Montreal are on sale now!
Book now to secure your place. FYI, Virtual Tickets for round 1 are already Sold Out!
eventbrite.ca/e/deathcon-m...
Additional info (like workshops) for the con can be found here : deathcon.io
Please like & repost for reach
Book now to secure your place. FYI, Virtual Tickets for round 1 are already Sold Out!
eventbrite.ca/e/deathcon-m...
Additional info (like workshops) for the con can be found here : deathcon.io
Please like & repost for reach
Reposted by Scoubi
Dirk-jan Mollema found one of the most severe vulnerabilities ever discovered in Microsoft Entra ID.
One that could have compromised every tenant in the cloud.
In this episode, we unpack the story, the stress, and the mindset behind responsible disclosure. 🔥
One that could have compromised every tenant in the cloud.
In this episode, we unpack the story, the stress, and the mindset behind responsible disclosure. 🔥
October 24, 2025 at 1:24 PM
Dirk-jan Mollema found one of the most severe vulnerabilities ever discovered in Microsoft Entra ID.
One that could have compromised every tenant in the cloud.
In this episode, we unpack the story, the stress, and the mindset behind responsible disclosure. 🔥
One that could have compromised every tenant in the cloud.
In this episode, we unpack the story, the stress, and the mindset behind responsible disclosure. 🔥
Reposted by Scoubi
Introducing PingOneHound! This OpenGraph extension for BloodHound can help you identify, analyze, execute, and remediate attack paths in PingOne organizations. Read the introductory blog post here: specterops.io/blog/2025/10...
PingOne Attack Paths - SpecterOps
You can use PingOneHound in conjunction with BloodHound Community Edition to discover, analyze, execute, and remediate identity-based attack paths in PingOne instances.
specterops.io
October 20, 2025 at 5:43 PM
Introducing PingOneHound! This OpenGraph extension for BloodHound can help you identify, analyze, execute, and remediate attack paths in PingOne organizations. Read the introductory blog post here: specterops.io/blog/2025/10...
Reposted by Scoubi
Happy #BloodHoundBasics Day from @scoubi.bsky.social!
By now, you've probably heard about our Query Library. But did you know you can run any query in your own instance of BHE/BHCE and then save the query to your Personal Library?
Follow the steps threaded below!
🧵: 1/5
By now, you've probably heard about our Query Library. But did you know you can run any query in your own instance of BHE/BHCE and then save the query to your Personal Library?
Follow the steps threaded below!
🧵: 1/5
September 26, 2025 at 6:18 PM
Happy #BloodHoundBasics Day from @scoubi.bsky.social!
By now, you've probably heard about our Query Library. But did you know you can run any query in your own instance of BHE/BHCE and then save the query to your Personal Library?
Follow the steps threaded below!
🧵: 1/5
By now, you've probably heard about our Query Library. But did you know you can run any query in your own instance of BHE/BHCE and then save the query to your Personal Library?
Follow the steps threaded below!
🧵: 1/5
Reposted by Scoubi
Today is the 30th anniversary of Hackers
September 15, 2025 at 11:56 PM
Today is the 30th anniversary of Hackers
Reposted by Scoubi
The final round of #DEATHCon2025 online tickets will drop on 9/9 at 0900 UTC deathcon.io/tickets.html
In-person tickets still available at some sites (1/4)
In-person tickets still available at some sites (1/4)
September 6, 2025 at 6:10 PM
The final round of #DEATHCon2025 online tickets will drop on 9/9 at 0900 UTC deathcon.io/tickets.html
In-person tickets still available at some sites (1/4)
In-person tickets still available at some sites (1/4)
Interested in hands-on learning of #DetectionEngineering and #ThreatHunting ?
We still have a few tickets left for @DEATHCon2025 in #Montreal
We are lucky enough to have 4 Workshops Leaders with us that will be able to hosts a Live Play of their workshop and help you complete it!
We still have a few tickets left for @DEATHCon2025 in #Montreal
We are lucky enough to have 4 Workshops Leaders with us that will be able to hosts a Live Play of their workshop and help you complete it!
DEATHcon Montreal - On Site
2 days of hands-on Detection Engineering and Threat Hunting workshops! Join us Live in Montreal.
www.eventbrite.ca
August 20, 2025 at 4:45 PM
Interested in hands-on learning of #DetectionEngineering and #ThreatHunting ?
We still have a few tickets left for @DEATHCon2025 in #Montreal
We are lucky enough to have 4 Workshops Leaders with us that will be able to hosts a Live Play of their workshop and help you complete it!
We still have a few tickets left for @DEATHCon2025 in #Montreal
We are lucky enough to have 4 Workshops Leaders with us that will be able to hosts a Live Play of their workshop and help you complete it!
Reposted by Scoubi
Fucking do it, I dare you.
August 17, 2025 at 9:29 PM
Fucking do it, I dare you.
Reposted by Scoubi
What all do you need to know about BloodHound CE 8.0 & OpenGraph? @scoubi.bsky.social is joining @redsiege.com's Wednesday Offensive tomorrow to dive into the JSON schema for OpenGraph, how to ingest nodes & edges, best practices, & how to create custom icons.
Join 👉 ghst.ly/46MNltn
Join 👉 ghst.ly/46MNltn
August 12, 2025 at 4:00 PM
What all do you need to know about BloodHound CE 8.0 & OpenGraph? @scoubi.bsky.social is joining @redsiege.com's Wednesday Offensive tomorrow to dive into the JSON schema for OpenGraph, how to ingest nodes & edges, best practices, & how to create custom icons.
Join 👉 ghst.ly/46MNltn
Join 👉 ghst.ly/46MNltn
Reposted by Scoubi
This month's NoiseLetter will make the perfect light reading for a trip to say...Vegas? Make sure to check it out (even if you're not headed to BlackHat/DEF CON there is something in it for you). 🤘
NoiseLetter July 2025
Get GreyNoise updates! Read the July 2025 NoiseLetter for product news, key resources, the latest tags and vulnerabilities, and more.
www.greynoise.io
August 1, 2025 at 8:46 PM
This month's NoiseLetter will make the perfect light reading for a trip to say...Vegas? Make sure to check it out (even if you're not headed to BlackHat/DEF CON there is something in it for you). 🤘
Reposted by Scoubi
The Python Software Foundation warns of phishing emails directing users to a fake PyPI site (pypj. org) to steal credentials. PyPI isn’t hacked, but users are urged to stay alert.
www.bleepingcomputer.com/news/securit...
Via @bleepingcomputer.com
#hacking #infosec #cybersecurity
www.bleepingcomputer.com/news/securit...
Via @bleepingcomputer.com
#hacking #infosec #cybersecurity
Hackers target Python devs in phishing attacks using fake PyPI site
The Python Software Foundation warned users this week that threat actors are trying to steal their credentials in phishing attacks using a fake Python Package Index (PyPI) website.
www.bleepingcomputer.com
July 31, 2025 at 1:51 PM
The Python Software Foundation warns of phishing emails directing users to a fake PyPI site (pypj. org) to steal credentials. PyPI isn’t hacked, but users are urged to stay alert.
www.bleepingcomputer.com/news/securit...
Via @bleepingcomputer.com
#hacking #infosec #cybersecurity
www.bleepingcomputer.com/news/securit...
Via @bleepingcomputer.com
#hacking #infosec #cybersecurity
Reposted by Scoubi
This is AMAZING
July 30, 2025 at 7:22 PM
This is AMAZING
Reposted by Scoubi
Think being compliant = being secure? Think again. 🤔
Hear from @scoubi.bsky.social at #BSidesLV as he exposes the gap between blindly following rules & security posture.
Get the info on password security & what to do when "compliant" passwords fail you. ghst.ly/4o66cWk
Hear from @scoubi.bsky.social at #BSidesLV as he exposes the gap between blindly following rules & security posture.
Get the info on password security & what to do when "compliant" passwords fail you. ghst.ly/4o66cWk
July 25, 2025 at 1:21 PM
Think being compliant = being secure? Think again. 🤔
Hear from @scoubi.bsky.social at #BSidesLV as he exposes the gap between blindly following rules & security posture.
Get the info on password security & what to do when "compliant" passwords fail you. ghst.ly/4o66cWk
Hear from @scoubi.bsky.social at #BSidesLV as he exposes the gap between blindly following rules & security posture.
Get the info on password security & what to do when "compliant" passwords fail you. ghst.ly/4o66cWk
Reposted by Scoubi
Happy #BloodHoundBasics Day from @scoubi.bsky.social! 🎉
Have you ever run a Cypher Query & get so many nodes you couldn't see anything? You Pinch Zoom to get a closer look and it worked fine, but you Pinch Un-zoom & the application resized.
🧵: 1/2
Have you ever run a Cypher Query & get so many nodes you couldn't see anything? You Pinch Zoom to get a closer look and it worked fine, but you Pinch Un-zoom & the application resized.
🧵: 1/2
July 11, 2025 at 6:34 PM
Happy #BloodHoundBasics Day from @scoubi.bsky.social! 🎉
Have you ever run a Cypher Query & get so many nodes you couldn't see anything? You Pinch Zoom to get a closer look and it worked fine, but you Pinch Un-zoom & the application resized.
🧵: 1/2
Have you ever run a Cypher Query & get so many nodes you couldn't see anything? You Pinch Zoom to get a closer look and it worked fine, but you Pinch Un-zoom & the application resized.
🧵: 1/2
Only 3 Early Bird tickets left!!
Tickets for #DEATHcon in Montreal are on sale now!
Book now to secure your place. FYI, Virtual Tickets for round 1 are already Sold Out!
eventbrite.ca/e/deathcon-m...
Additional info (like workshops) for the con can be found here : deathcon.io
Please like & repost for reach
Book now to secure your place. FYI, Virtual Tickets for round 1 are already Sold Out!
eventbrite.ca/e/deathcon-m...
Additional info (like workshops) for the con can be found here : deathcon.io
Please like & repost for reach
DEATHcon Montreal - On Site
2 days of hands-on Detection Engineering and Threat Hunting workshops! Join us Live in Montreal.
eventbrite.ca
July 11, 2025 at 2:17 AM
Only 3 Early Bird tickets left!!
Tickets for #DEATHcon in Montreal are on sale now!
Book now to secure your place. FYI, Virtual Tickets for round 1 are already Sold Out!
eventbrite.ca/e/deathcon-m...
Additional info (like workshops) for the con can be found here : deathcon.io
Please like & repost for reach
Book now to secure your place. FYI, Virtual Tickets for round 1 are already Sold Out!
eventbrite.ca/e/deathcon-m...
Additional info (like workshops) for the con can be found here : deathcon.io
Please like & repost for reach
DEATHcon Montreal - On Site
2 days of hands-on Detection Engineering and Threat Hunting workshops! Join us Live in Montreal.
eventbrite.ca
July 10, 2025 at 12:59 PM
Tickets for #DEATHcon in Montreal are on sale now!
Book now to secure your place. FYI, Virtual Tickets for round 1 are already Sold Out!
eventbrite.ca/e/deathcon-m...
Additional info (like workshops) for the con can be found here : deathcon.io
Please like & repost for reach
Book now to secure your place. FYI, Virtual Tickets for round 1 are already Sold Out!
eventbrite.ca/e/deathcon-m...
Additional info (like workshops) for the con can be found here : deathcon.io
Please like & repost for reach
Tickets for "DEATHcon - Montreal On Site" go on sale July 8th at 8am.
www.eventbrite.ca/e/deathcon-m...
Be with 50 other DE&TH aficionados for a whole weekend Nov 8-9 2025!!
#DEATHcon #Workshops #DetectionEngineering #ThreatHunting
www.eventbrite.ca/e/deathcon-m...
Be with 50 other DE&TH aficionados for a whole weekend Nov 8-9 2025!!
#DEATHcon #Workshops #DetectionEngineering #ThreatHunting
DEATHcon Montreal - On Site
2 days of hands-on Detection Engineering and Threat Hunting workshops! Join us Live in Montreal.
www.eventbrite.ca
June 28, 2025 at 4:55 PM
Tickets for "DEATHcon - Montreal On Site" go on sale July 8th at 8am.
www.eventbrite.ca/e/deathcon-m...
Be with 50 other DE&TH aficionados for a whole weekend Nov 8-9 2025!!
#DEATHcon #Workshops #DetectionEngineering #ThreatHunting
www.eventbrite.ca/e/deathcon-m...
Be with 50 other DE&TH aficionados for a whole weekend Nov 8-9 2025!!
#DEATHcon #Workshops #DetectionEngineering #ThreatHunting
Reposted by Scoubi
How attackers move between AD domains via trusts depends on trust type & config. We're replacing TrustedBy edge in BloodHound with new trust edges for better attack path mapping.
Check out @jonas-bk.bsky.social's blog post to learn more. ghst.ly/4lj9C5T
Check out @jonas-bk.bsky.social's blog post to learn more. ghst.ly/4lj9C5T
Good Fences Make Good Neighbors: New AD Trusts Attack Paths in BloodHound - SpecterOps
The ability of an attacker controlling one domain to compromise another through an Active Directory (AD) trust depends on the trust type and configuration. To better map these relationships and make i...
ghst.ly
June 25, 2025 at 11:30 PM
How attackers move between AD domains via trusts depends on trust type & config. We're replacing TrustedBy edge in BloodHound with new trust edges for better attack path mapping.
Check out @jonas-bk.bsky.social's blog post to learn more. ghst.ly/4lj9C5T
Check out @jonas-bk.bsky.social's blog post to learn more. ghst.ly/4lj9C5T
Reposted by Scoubi
Ghostwriter v6's new collaborative editing feature is 🔥
Alex Parrill & @printingprops.com discuss the new real-time collaborative editing for observations, findings, & report fields, enabling multiple users to edit simultaneously without overwriting each other. ghst.ly/4jVqdvG
Alex Parrill & @printingprops.com discuss the new real-time collaborative editing for observations, findings, & report fields, enabling multiple users to edit simultaneously without overwriting each other. ghst.ly/4jVqdvG
Ghostwriter v6: Introducing Collaborative Editing - SpecterOps
Ghostwriter now supports real-time collaborative editing for observations, findings, and report fields using the YJS framework, Tiptap editor, and Hocuspocus server, enabling multiple users to edit si...
ghst.ly
June 18, 2025 at 8:14 PM
Ghostwriter v6's new collaborative editing feature is 🔥
Alex Parrill & @printingprops.com discuss the new real-time collaborative editing for observations, findings, & report fields, enabling multiple users to edit simultaneously without overwriting each other. ghst.ly/4jVqdvG
Alex Parrill & @printingprops.com discuss the new real-time collaborative editing for observations, findings, & report fields, enabling multiple users to edit simultaneously without overwriting each other. ghst.ly/4jVqdvG
Reposted by Scoubi
#HuntingTipOfTheDay: a personal favourite, command-line obfuscation. Substituting or inserting special Unicode characters might allow attackers to bypass string-based detections. Look for command lines with unusual Unicode characters. Checkout ArgFuscator.net for more fun!
June 11, 2025 at 9:02 AM
#HuntingTipOfTheDay: a personal favourite, command-line obfuscation. Substituting or inserting special Unicode characters might allow attackers to bypass string-based detections. Look for command lines with unusual Unicode characters. Checkout ArgFuscator.net for more fun!
Reposted by Scoubi
#HuntingTipOfTheDay: macOS has a built-in SSH mechanism that is disabled by default. Would you detect it if someone enables it and logs in remotely? Look for remote login events, and investigate the associated session.
June 10, 2025 at 9:02 AM
#HuntingTipOfTheDay: macOS has a built-in SSH mechanism that is disabled by default. Would you detect it if someone enables it and logs in remotely? Look for remote login events, and investigate the associated session.
Personalized my work laptop a bit
June 7, 2025 at 4:30 PM
Personalized my work laptop a bit
Reposted by Scoubi
Reposted by Scoubi
🚨 New #BloodHoundBasics courtesy of @scoubi.bsky.social!
You've successfully compromised Bob in marketing's account in an engagement. Mark it as Owned by right-clicking ➡️ "Add to Owned" ➡️ run the query "Shortest Paths from Owned objects to Tier Zero" & see your new attack paths!
(1/2)
You've successfully compromised Bob in marketing's account in an engagement. Mark it as Owned by right-clicking ➡️ "Add to Owned" ➡️ run the query "Shortest Paths from Owned objects to Tier Zero" & see your new attack paths!
(1/2)
May 30, 2025 at 6:06 PM
🚨 New #BloodHoundBasics courtesy of @scoubi.bsky.social!
You've successfully compromised Bob in marketing's account in an engagement. Mark it as Owned by right-clicking ➡️ "Add to Owned" ➡️ run the query "Shortest Paths from Owned objects to Tier Zero" & see your new attack paths!
(1/2)
You've successfully compromised Bob in marketing's account in an engagement. Mark it as Owned by right-clicking ➡️ "Add to Owned" ➡️ run the query "Shortest Paths from Owned objects to Tier Zero" & see your new attack paths!
(1/2)
Reposted by Scoubi
Local to Las Vegas? Looking to mingle with and learn from some of the best people you'll ever meet? Locals and students can get a BSidesLV badge for $35.
More information is available online in the FAQ: bsideslv.org/registr...
More information is available online in the FAQ: bsideslv.org/registr...
May 23, 2025 at 12:00 PM
Local to Las Vegas? Looking to mingle with and learn from some of the best people you'll ever meet? Locals and students can get a BSidesLV badge for $35.
More information is available online in the FAQ: bsideslv.org/registr...
More information is available online in the FAQ: bsideslv.org/registr...
Waiting for the bus to go to #NorthSec2025
That’s what ne thing I do not miss from the pre covid era! (Waiting for the bus. Not going to NSec!!)
If you want to talk all things #BloodHound (BHE & BHCE) let me know. I may or may not have something in return ☺️
#NSEC2025
That’s what ne thing I do not miss from the pre covid era! (Waiting for the bus. Not going to NSec!!)
If you want to talk all things #BloodHound (BHE & BHCE) let me know. I may or may not have something in return ☺️
#NSEC2025
May 15, 2025 at 12:10 PM
Waiting for the bus to go to #NorthSec2025
That’s what ne thing I do not miss from the pre covid era! (Waiting for the bus. Not going to NSec!!)
If you want to talk all things #BloodHound (BHE & BHCE) let me know. I may or may not have something in return ☺️
#NSEC2025
That’s what ne thing I do not miss from the pre covid era! (Waiting for the bus. Not going to NSec!!)
If you want to talk all things #BloodHound (BHE & BHCE) let me know. I may or may not have something in return ☺️
#NSEC2025