@scadasl profile picture
scadastrangelove @scadasl

The Group of security researchers focused on ICS/SCADA to save Humanity from industrial disaster and to keep Purity Of Essence.

Joined July 2012
  • Tweets 1,790
  • Following 13
  • Followers 2,442
Photos and videos
An OWASP SAMM Extension proposal for AI-Driven Development This document extends OWASP SAMM to systems where software is no longer the only actor. github.com/scadastrangelove/… v0.3 highlights Five additions that emerged from publication consistency review and real audit feedback.
59
A curated list of tools for AI security and AI-assisted cybersecurity — autotriage, agent security, AI/ML supply chain, pentest agents, AI SAST, LLM-driven fuzzing, threat intelligence, SOC/SIEM triage, reverse engineering, LLM red-teaming, and more. github.com/scadastrangelove/…

GitHub - scadastrangelove/awesome-ai-security-tools: A curated list of public-source, research, and...

A curated list of public-source, research, and commercial tools for AI security and AI-assisted cybersecurity — autotriage, agent security, AI/ML supply chain, pentest agents, AI SAST, LLM-driven f...

github.com
1
2
157
ПРОГРАММА ёPRSTCON СОБРАНА Финал. Сетка готова, опубликована, можно изучать. → yoprstcon.ru/program.html t.me/yoprstcon/32
1
71
ёprstcon — community one-day con in Moscow, May 26. Open call for anyone whose talk fits the room. 200 people, infosec unusually curious crowd from adjacent fields. No sponsors. No VIP. Pallets instead of seats. ёprstcon is about you, your con, man. yoprst.me/
0:06
1
88
From Artifacts to Risk: Auditing Instruction Surfaces in Agent Systems This paper presents a bottom-up, artifact-centric audit of instruction surfaces in agent systems. zenodo.org/records/20028366
71
OWASP SAMM asks: “Did we build the software securely?” Agentic SDLC must asks: Can the system be manipulated into taking unsafe actions after it is built? That’s what Agentic SAMM is for — an OpenSAMM for AI-driven development. github.com/scadastrangelove/… #DevSecOps #AIsecurity

GitHub - scadastrangelove/asamm: Agentic SAMM - An OWASP SAMM Extension for AI-Driven Development

Agentic SAMM - An OWASP SAMM Extension for AI-Driven Development - scadastrangelove/asamm

github.com
79
Forensic auditor for local AI coding agents (Claude Code, Codex CLI, OpenClaw) and project-surface scanner for repos containing skills, plugins, and MCP manifests. github.com/scadastrangelove/… agent-audit is one of the implementation projects in the broader ASAMM effort.

GitHub - scadastrangelove/agent-audit: Forensic auditor for local AI coding agents (Claude Code,...

Forensic auditor for local AI coding agents (Claude Code, Codex CLI, OpenClaw) and project-surface scanner for repos containing skills, plugins, and MCP manifests. Reads session logs, configs, and ...

github.com
1
129
The Builder's Manifesto Cybersecurity in a world where code is worth nothing Another agent today. It's all over Reddit. scadastrangelove.blogspot.co…
1
72
The Confused Matrix President Bramp of the United States stepped before the cameras at 03:17 Washington time. ... medium.com/p/7016de25ab3e
1
79
Blackhole is a Python ASGI mock server for black-box scanner testing, education, and reproducible benchmarking. And every white hat should remember: all requests eventually fall into the black hole. github.com/scadastrangelove/…
1
2
213
Grafana redteam. Zeronighs 2025 slides. And if you observe long enough, observability will gaze back into you. (And it will file a ticket.) scadastrangelove.blogspot.co…
1
2
125
EPSS, KEV, and the Joy of Predicting the Past a boring question: what if you actually ran patch management using EPSS thresholds? Not in theory. Not in slides. In reality—against vulnerabilities that were already exploited. scadastrangelove.blogspot.co…
1
108
Just did it. #phdays OST bfan.link/phdays-11-1

in Dependence — PHDays 11

Выпущен новый релиз 16 мая 2022 г.

bfan.link
2
scadastrangelove retweeted
cyberok@cyberokcom
2 Jun 2022
CyberOK is hiring. Head of Security Services, [Lead/Senior] Vulnerability Researcher, [Lead/Senior] Penetration Testing Specialist, DevSecOps Team Lead. hh.ru/employer/8915102
1
3
Всероссийский конкурс open source cyber проектов для студентов и школьников. Засылай релизисы! phdays.com/ru/press/news/phd…
scadastrangelove retweeted
Insomni'hack@1ns0mn1h4ck
10 Jan 2022
[TALK ANNOUNCEMENT] Hunting for Bugs in "Ethereum 2.0" by Denis Kolegov, JP Aumasson (@veorq) insomnihack.ch/confirmed-spe… #INS22 #INSO22 #Talks
10
24
scadastrangelove retweeted
Lukasz Olejnik
@lukOlejnik
8 Feb 2021
So apparently someone broke to ICS systems of a US city and changed the chemical composition of water. That could have poisoned thousands of people. The potential humanitarian catastrophe was averted. tampabay.com/news/pinellas/2…
2
20
25
The DGX A100 Security Update fixes #vulnerabilities in NVIDIA #AI #ArtificialIntelligence servers BMC. Do #MachineLearning in a #secure way:) scada.sl/2021/01/nvidia-dgx-…
1
GradeZero - 1:30 AM Rus m.youtube.com/watch?v=qbmLAf… Eng m.youtube.com/watch?v=ieFiF_… #music #rock #indie #postpunk
1
2
Vulnerabilities of Machine Learning Infrastructure (Slides/Video) as presented @codeblue_jp and @TheStandoff_rus scada.sl/2020/12/vulnerabili… #aisec #cyber #security #vulnerabilities #ArtificialIntelligence #machinelearning #ai #ml
7
3
Load more