📣 30 Minutes to @_ContinuumCon_ 2026 📣 Free to Stream... Affordable to Hack-Along! Join us at continuumcon.com or anywhere @_JohnHammond streams.

ROCKSTARS helping start the party for ContinuumCon today!! continuumcon.com/

AI breakout wizard @ZackKorman walking through his process for Escaping AI Sandboxes for @_ContinuumCon_ Day 2! 🔥 continuumcon.com

INCREDIBLE PEOPLE @_ContinuumCon_

🚨 #ContinuumCon Day 2 of 3 Starts in 1 Hour 🚨 Free to Stream! Affordable to Hack-Along during AND after the event! continuumcon.com/ Day 2 opens with some playful ranting by John Strand & Bryson Bort, then some AI goodness back-to-back with Zack Korman escaping sandboxes, then Hack-Along with Eva Benn & Andrew Bellini as they step you through prompt injection on OnlyLANs.ai. And that's all before our lunch break! @_ContinuumCon_ is the online cybersecurity con that never ends & EVERY talk is a hands-on workshop. Hosted by John Hammond & Anthony Bendas, this unique practical event is brought to you by Just Hacking Training & @Level_Effect. #cybersecurity #training #conference #ethicalhacking #workshop

Day 1 now includes @vxunderground, we are honored to have you join 🙏 x.com/vxunderground/status/2… Con's gonna kick off with a banger panel !

🎤 ContinuumCon 2026 Spotlight - Keynote AMAs! Two live AMAs and both completely unscripted. These are your sessions. Bring the questions! 📅 Day 1 Keynote: "Panel AMA" with @rekdt Jamie Williams @Jun34u_sec @RachelTobac A four-person panel spanning social engineering, adversary emulation, and decades of hacker history. Bring your questions on any of it. Ask them anything you'd like. 📅 Day 2 Keynote: AMA "Spicy Rant" with @brysonbort @strandjs Two industry veterans, zero script, going off on whatever's broken, overhyped, or worth fighting about in security right now. Bring your hottest takes and your hardest questions! 🎟️ Only at ContinuumCon 2026: June 12 - 14 Work through it live, or revisit the labs on your own time. Own it forever. The workshop doesn't end when the conference does. Got your ticket yet? 👉 continuumcon.com/ Hosted by @_JohnHammond , @JustHackingHQ , @AnthonyBendas , and @Level_Effect !

oh COM on… hijacked AGAIN? 😅 Component Object Model (COM) is a Microsoft binary interface standard that lets software components talk to each other regardless of what language they were written in. And that interoperability? Attackers love it. Dahvid Schloss breaks down how COMDL32 can be weaponized to execute code and honestly, it's a must-watch if you're serious about understanding post-exploitation techniques. Want to go deeper? Check out this Windows Malware Development course: justhacking.com/course/wmd-6… #Malware #Hacking #MalwareDevelopment #CyberSecurity #Programming

🚨 Workshop Spotlight # 15 👉 "Hunting Prompt Injection: Breaking AI Applications and CI/CD Pipelines" by Mackenzie Jackson (@advocatemack), Field CTO at @AikidoSecurity 📝 Description Prompt injection started off as a bit of a gimmick. A way to make bots on Twitter say funny things or bypass a model's safeguards. But as we integrate AI into the fundamental workflows of our applications and build processes, it transforms into a critical threat, and one that is technically unsolvable. This workshop focuses on how to find, validate, and exploit prompt injection in the wild. You'll break down why it's unsolvable from a technological standpoint: LLMs process everything as unstructured tokens, so there's zero architectural boundary separating instructions from data. From there, it's hands-on. You'll start with basic chatbot injections, then build up to tricking AI-powered applications into leaking sensitive files and repository secrets. The finale recreates a critical pipeline vulnerability the team discovered inside Google's own Gemini CI/CD infrastructure. You'll see exactly how a sneaky instruction hidden inside a normal GitHub issue forced an AI agent to run shell tools and leak privileged GITHUB_TOKEN and GEMINI_API_KEY credentials into public view. Then you'll learn how to defend against it: restricting agent toolsets, isolating blast radius, and treating all AI output as untrusted. If you want to understand how to hunt prompt injection inside real applications, this workshop is for you. 🎟️ Only at ContinuumCon 2026: June 12 - 14 Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does. Got your ticket yet? 👉 continuumcon.com/ Hosted by @_JohnHammond , @JustHackingHQ , @AnthonyBendas , and @Level_Effect !

🚨 Workshop Spotlight # 14 👉 "Offensive Threat Intel: Tracking & Disrupting Adversaries for Fun" by Josh Allman (@xorJosh) & Ben Folland (@polygonben), of CtrlAltIntel 📝 Description You don't need access to private telemetry or a job at a major security firm to hunt down threat actors in the wild and impose costs. Josh and Ben are proof. A couple of friends having fun built CtrlAltIntel and ended up making an impact on a global scale, supporting governments, military organizations, law enforcement, and more, all from analyzing public data. This workshop walks through how they did it, and how you can too. You'll learn their methodology for tracking adversaries using platforms like Hunt.io, Censys, and Shodan, complete with specific queries and real-world examples. Then, get in the driver's seat: - In The Hunt, you'll practice querying and pivoting from a single data point to identify and report active threat actor infrastructure. - In Mining Gold from Open Directories, you'll work with safe data from their previous hunts and run your own analysis. Their goal is simple: inspire you to give this a go and start taking down cybercriminals yourself. 🎟️ Only at ContinuumCon 2026 Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does. Got your ticket yet? 👉 continuumcon.com/ Hosted by @_JohnHammond , @JustHackingHQ , @AnthonyBendas , and @Level_Effect !

🚨 Workshop Spotlight # 13 👉 "Hacking Over & Under The Wire" by Andy Piazza (@klrgrz), Senior Director of Threat Intelligence at Palo Alto Networks Unit 42 📝 Description Andy built this workshop for the version of himself 15 years ago, when everyone made getting started look easy and nobody bothered to show step one: setting up the environment. This one's for the n00bs who don't even know where to start. The ones overwhelmed by the idea of doing a CTF or setting up their own lab. The ones who tried to follow a tutorial and got lost on step one. He walks you through installing and configuring PuTTY, then jumps into Bandit on Overthewire.org for a live walkthrough of the first few SSH-based levels. From there, he moves to Century on Underthewire.tech and does the same with PowerShell, comparing each command to its Linux equivalent so you actually see the bridge between the two worlds. By the end, you've got a foundation in SSH and PowerShell, two CTF platforms you can keep practicing on for free, and an understanding of how the commands you're learning map to real-world work in Red Teaming, DFIR, and threat hunting. 🎟️ Only at ContinuumCon 2026: June 12 - 14 Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does. Got your ticket yet? 👉 continuumcon.com/ Hosted by @_JohnHammond , @JustHackingHQ , @AnthonyBendas , and @Level_Effect !

🚨 Workshop Spotlight # 12 👉 "StegoDefender: Hunting Malware Hidden in Plain Sight - Advanced Steganography Detection & Payload Extraction" by Christopher Dio C., Chief Cyber Security Researcher at Radar IT Systems Inc. 📝 Description Cybercriminals have become digital artists of deception, practicing a technique called steganography: the ancient art of hiding secrets in plain sight. Traditional signature-based antivirus and static analysis tools are largely blind to these threats, leaving a critical gap in defense. In this workshop, we'll look at combining deep structural analysis of over a dozen file formats (JPEG, PNG, PDF, ZIP, WAV, and more) with adaptive heuristics, baseline profiling, and active probing to detect even the most sophisticated steganographic embeddings. We'll use StegoDefender to extract and decode hidden payloads, harvest network indicators (URLs, IPs, domains, crypto addresses), and integrate YARA rules for signature-based threat identification. If you're a threat hunter, DFIR analyst, or malware researcher, this is the workshop that helps with a blind spot in your stack. 🎟️ Only at ContinuumCon 2026: June 12 - 14 Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does. Got your ticket yet? 👉 continuumcon.com/ Hosted by @_JohnHammond, @JustHackingHQ, @AnthonyBendas, and @Level_Effect !

Introducing: OnlyLANs.ai ! 🛜🤖😂 A free prompt injection wargame to troubleshoot your local network with an AI assistant; and a challenge to have it leak some secrets! Brought to you by @JustHackingHQ, @_ContinuumCon_, @d1gitalandrew Andrew Bellini & Eva Benn.

Malware or Typo? Andrew Pla and John Hammond discover a typo in a PowerShell script that raised some red flags. PowerShell is deeply integrated into Windows environments, making it essential for tasks like Active Directory management, log analysis, and automating security audits. It's also heavily used in offensive security and malware, so understanding it helps defenders detect, analyze, and respond to PowerShell-based attacks. You can learn more PowerShell tips and tricks by @AndrewPlaTech in our Free Upskill Challenge (UC): justhacking.com/uc/uc-powers… #PowerShell #scripting #sysadmin #networking #techtips

Prizes Sponsor Alert 🏅 Our Prize Sponsor @JustHackingHQ is bringing the rewards to match the skills, and trust us, you’ll want to compete for these! Ready to prove yourself and take something home? 📍 ISEP - Porto 📅 June 26–27 #bsides #hacking #prize #infosec #sponsor

The C Documentary is live. Go take a look... youtu.be/lI7tMxzSJ7w?si=kF2B…

🚨 Workshop Spotlight # 11 👉 "What the Current and Future of Iranian & Other Nation-State APT Cyber Attacks Look Like" by Douglas Kaluhiokalani, Founder of Cyber Kata, LLC 📝 Description Nation-state cyber operations don't slow down. They evolve. This session looks at where Iranian and other nation-state APT activity is right now, and where it's heading next. We'll walk through TTPs of threat groups making active news, including Handala (responsible for the Stryker attack) and the resurgence of MuddyWaters with their GhostBackdoor implant. We'll also dig into how the war with Iran has changed the threat landscape and exposed Blue Teams to new categories of attack. You'll get a look at runbooks built for MS Sentinel, designed to be adapted to whatever security tooling your team already uses. The focus throughout is on what Blue Teams should actually be doing to defend. If you work in threat hunting, threat intelligence, or detection engineering, this one's for you. 🎟️ Only at ContinuumCon 2026: June 12-14 Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does. Got your ticket yet? 👉 continuumcon.com/ Hosted by @_JohnHammond , @JustHackingHQ , @AnthonyBendas , and @Level_Effect !

One cmdlet turns raw JSON into a full PowerShell object. Here's how. PowerShell is one of the most powerful tools in a sysadmin or network engineer's arsenal, letting you automate repetitive tasks, manage systems at scale, and pull data that would take hours to gather manually. Whether you're just getting started or looking to level up your scripting game, learning PowerShell is one of the highest-ROI skills you can add to your tech toolkit. You can learn more PowerShell tips and tricks by @AndrewPlaTech in our Free Upskill Challenge (UC): justhacking.com/uc/uc-powers… #PowerShell #scripting #sysadmin #networking #techtips