Joined March 2015
- Tweets 9,555
- Following 3,107
- Followers 320,558
- Likes 48,334
2,922 Photos and videos
Thanks to everyone who tuned into ContinuumCon 2026, participated in the workshops, the CTF, and of course the workshop developers & live presenters themselves -- huge thanks to everyone who contributed. ✌️
We'll have the individual session recordings up soon (after some rest 😅)
3
3
17
1,318
Matthew Nguyen starting the party for ContinuumCon Day 3, walking us through using Malcat (😻), FakeNet, and more for some sweet malware analysis! continuumcon.com
Jun 1
🚨 Workshop Spotlight #8 👉 "How to Analyze Malware"
by Matthew Nguyen
📝 Description
A practical introduction to malware analysis for beginners, focused on building a foundational workflow rather than diving straight into reverse engineering.
You'll cover the key principles of a safe lab setup, basic static analysis, and dynamic analysis using sandbox environments and tools you can run in your own lab (like FlareVM).
The session includes a guided walkthrough of a real malware sample pulled from a malware database, with attention to the techniques you'll encounter most often: persistence mechanisms and command-and-control communication.
By the end, you'll have a clear framework for analyzing malware, an understanding of the common techniques malicious software uses, and the confidence to begin your own analysis safely.
🎟️ Only at ContinuumCon 2026: June 12-14
Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does.
Got your ticket yet? 👉 continuumcon.com/
Hosted by @_JohnHammond, @JustHackingHQ, @AnthonyBendas, and @Level_Effect !
1
4
23
3,971
Jun 13
Back from break and now @IceSolst carrying us through Practical Security Engineering! And a sweet "How do we secure our product?" brainstorming session with the live chat for @_ContinuumCon_ 😎 continuumcon.com/
3
7
49
5,050
John Hammond retweeted
Jun 13
There was so much from @brysonbort and @strandjs in today's @_ContinuumCon_
My favorite take was from Bryson around building relationships.
One of things that makes a big difference in IR is having good relationships with different areas of the business.
During an incident I know exactly who to contact.
I am able to understand their work style, what they like/don't like. Who the backups are! This is huge when you can't get ahold of your main POC.
IR can be more of a social exercise than anything else 😉
You also end up making long lasting friendships!
4
5
27
3,231
John Hammond retweeted
Jun 13
Super awesome presentation on AI agent security and sandboxes by @ZackKorman. Like seriously if you are trying to navigate this crazy AI stuff, Zack’s a great guy to follow.
Best part is Zack literally is incapable of sugar coating things. Super pragmatic/no bs kinda approach
Cc @_ContinuumCon_
3
9
40
4,330
John Hammond retweeted
Jun 13
To paraphrase one of my favorite highlights, we solve these agent problems with good security fundamentals, not with complex abstract philosophies none of us really understand.
Or as @techspence just added in Q&A, doing the basics right is the answer. That said, when we consider the basics, we need to layer in the newer knowledge of how agents behave, what trust boundaries exist, and how it works when these trust boundaries are abused for escape and takeover.
If you missed this one, be sure to go back and watch it / explore the workshop.
Jun 13
AI breakout wizard @ZackKorman walking through his process for Escaping AI Sandboxes for @_ContinuumCon_ Day 2! 🔥 continuumcon.com
4
3
28
5,449
Jun 13
AI breakout wizard @ZackKorman walking through his process for Escaping AI Sandboxes for @_ContinuumCon_ Day 2! 🔥 continuumcon.com
2
11
117
12,204
Jun 12
big thanks to everyone who hung out with us for @_ContinuumCon_ today
see you tomorrow for more fun ✌️
3
8
45
5,088
John Hammond retweeted
Jun 12
Things that weren’t on our 2026 bingo card: LimeWire in a ransomware investigation. 🍋🟩
Our analysts started pulling the thread after an Akira affiliate stood up a fresh VM inside the victim's environment.
Writeup from @LindseyOD123 and Harlan Carvey.
okt.to/GdjNAL
1
6
16
3,816
John Hammond retweeted
Me when I see LimeWire being used in an Akira affiliate ransomware attack in the year of our lord 2026
huntress.com/blog/akira-rans…
1
7
63
6,227
Jun 12
And @techspence CRUSHED IT for the live presentation of his "Killing Active Directory Attack Paths Once and For All" workshop for @_ContinuumCon_ !!!
3
6
79
6,425
Jun 12
Jun 12
Any time I see @techspence present, I think holy shit, he’s such a professional
I’ve taken many courses but this guy is on another level
This is his attacking AD course on @_ContinuumCon_ (live now)
2
13
3,937
John Hammond retweeted
Jun 12
Any time I see @techspence present, I think holy shit, he’s such a professional
I’ve taken many courses but this guy is on another level
This is his attacking AD course on @_ContinuumCon_ (live now)
9
17
161
15,128
John Hammond retweeted
Jun 12
A little preview of my ContinuumCon talk, which is today at 1:30pm eastern.
Episode 184 | Active Directory Isn't Dead. It's Just Undefended
youtu.be/slY2ifo24Ws?is=o_bw…
2
37
3,710