I'm teaching my daughter the ABC and now bored with A is for Apple, X is for X-RAY so I came up with this #abcincode

Hacker bear’s tellin’ ya there’s some cool merch at @brucon store this year! #BruCON

From Shadows to Signals: Hunting Pass-the-Hash Attacks - In.security in.security/2025/09/08/from-… #MicrosoftSentinel #Cybersecurity #MicrosoftSecurity #Security #DefenderXDR

Grateful that @brucon want us back! 🥳 ...and we're thrilled to be back, this time running our Hacking Enterprises - 2024 Edition in a 3-day format on Sept 16-18 in Belgium. Tickets are already selling! brucon.org/2024/brucon-2024-…

We would like to express our condolences to Blue Teamers. Microsoft has announced Microsoft Excel will now support Python. More information: techcommunity.microsoft.com/…

[Training focus] ⚡ Discover the immersive 2-day Defending Enterprises of @rebootuser & @insecurity_ltd training during #HIP23 Want to know more about the training? ➡️ow.ly/nhzS50NRoVj #HIP23 #cybersecurity #event #training #SOC #defense

Yet another step closer to full vacation mode: ✅ Update aadinternals.com/osint/ If you give an existing user name, it will now show user's AAD ObjectId and Teams status (if available) 🔥 Nice way to check whether your favourite MS employee is online 😁 Have fun!

Early bird prices for both our Hacking and Defending training courses at @BlackHatEvents #BHUSA end on May 26th. Join us in Vegas to attack and defend! Links below

Ever want to test systems & see if your password is ever stored/sent in plaintext? Make it: X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H H* I am on the phone with a vendor right now because my test account is in an inoperable state. 🧐

[Training focus] ⚡ Discover the immersive 2-day Defending Enterprises of @rebootuser & @insecurity_ltd training during #HIP23 Want to know more about the training? ➡️ow.ly/nhzS50NRoVj #HIP23 #cybersecurity #event #training #SOC #defense

Introducing the Living Off The Land Drivers (LOLDrivers) project, a crucial resource that consolidates vulnerable and malicious drivers in one place to streamline research and analysis. loldrivers.io LOLDrivers enhances awareness of driver-related security risks and empowers organizations to mitigate these risks, improving their overall cybersecurity posture. By fostering collaboration and knowledge sharing within the cybersecurity community, LOLDrivers, along with sister projects like LOLBAS and GTFOBins, paves the way for a safer and more secure digital landscape. Read our release blog to learn all about the project and how to contribute haggis-m.medium.com/living-o… Huge shoutouts to @_josehelps , @bohops , @nas_bench , @cyb3rops and @mattnotmax for their invaluable contributions and unwavering support in bringing the LOLDrivers project to fruition. As we celebrate this milestone, we now invite the broader cybersecurity community to join us in this endeavor. Together, we can continue to enhance the project and share knowledge. Thank you once again to our amazing team, and let's keep the momentum going!

Red team VPN larks with @johnnyspandex and @Jstorr with sound advice on prevention

Detecting AD CS #subjectAltName (SAN) Abuse Using #KQL & #MicrosoftSentinel Problems tackled: 1️⃣ #ADCS logging is poor... 2️⃣ How do we map events that have no correlating fields? 3️⃣ Can logical thinking be expressed through KQL? in.security/2023/03/02/detec…

Check out this new doc that lists all the 🍪 cookies involved in an Azure AD authentication. 😀 learn.microsoft.com/azure/ac…

Stoked to announce that @insecurity_ltd are back at @BlackHatEvents USA this year with both our 2-day #Hacking and Defending #training courses. Hope to see you there! Hacking: blackhat.com/us-23/training/… Defending: blackhat.com/us-23/training/… #BHUSA

Join #BHASIA Trainings immersive hands-on course "Hacking Enterprises - 2023" that covers a multitude of TTP's. Learn how to fully compromise a simulated enterprise using modern techniques. Register here: bit.ly/3HkElNP

We've been promoting #LOLBAS detection using #MicrosoftSentinel and #KQL in our defensive training over the past few years, and it’s proven to be a popular query Check out the details in our new article! in.security/2023/02/01/kql-l…

Ensuring your defenses are up is a key activity in keeping your environment secure! During this two-day in-person class, you will immerse yourself as a SOC analyst learning on how to locate IOA's and IOC's and more! More info at brucon.org/2023/brucon-2023-… @rebootuser @Stealthsploit

⭐️ The Path to Pwnage ⭐️ Use the LOLBAS API to grab a list of known programs, then perform a check to see if the binary exists on the endpoint If a match is found the full path of the identified item will be written to a text file for later review 🤟 in.security/2023/01/24/the-p…

Excited to announce we'll be in-person in Singapore on May 9-10 running our Hacking Enterprises - 2023 Red Edition training at @BlackHatEvents Asia. Register below! blackhat.com/asia-23/trainin… #BHASIA #blackhat #pentest #redteam #hacking #training #cybersecurity

Finally revamped my original @hashcat rule OneRuleToRuleThemAll. The new and improved OneRuleToRuleThemStill has ~5% reduced rules with 0% performance drop against multiple breach datasets. Link is in the blog. Happy cracking! in.security/2023/01/10/oneru… #pentest #redteam