"HELP! MY ACCOUNT GOT HACKED!" - Business Email Compromise (BEC) Part 1
www.truesec.com/hub/blog/hel...
"The Anatomy of a Business Email Compromise Attack" - Business Email Compromise (BEC) Part 2
www.truesec.com/hub/blog/the...
#infosec #blueteam
25.09.2025 17:54
GitHub - prowler-cloud/prowler: Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuous monitoring, security assessments & audits, incident ...
Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuous monitoring, security assessments & audits, incident response, compliance, har...
Prowler is an open-source security tool that helps assess and enforce security best practices across AWS, Azure, Google Cloud and Kubernetes.
github.com/prowler-clou...
#infosec #blueteam
22.07.2025 18:08
GitHub - BushidoUK/Ransomware-Tool-Matrix: A resource containing all the tools each ransomware gangs uses
Ransomware Tool Matrix by @bushidotoken.net: This repository lists tools used by ransomware gangs. Defenders can detect and block these commonly reused tools to stop intrusions.
github.com/BushidoUK/Ra...
#infosec #blueteam
07.05.2025 15:16
ArgFuscator
Generate obfuscated command-line arguments for common system-native executables now with ArgFuscator.
ArgFuscator is an open-source web app that generates obfuscated command lines for common system tools. Great for testing your defenses against real-world attack techniques.
argfuscator.net
#infosec #pentest #redteam #blueteam
31.03.2025 17:28
Privacy Checkup: How well do you protect your privacy?
The Privacy Checkup was launched as part of Data Privacy Week 2024 and helps you to determine whether or not you're sufficiently protecting your data online.
How well do you protect your privacy?
The Privacy Checkup helps you assess your online surveillance defenses and take steps to protect your data.
privacy-checkup.info (English, Deutsch, Español)
#privacy #infosec
30.03.2025 14:04
Breaking the Virtual Barrier: From Web-Shell to Ransomware
Recent VMware vulnerabilities have reignited the threat of VM escapes, enabling attackers to bypass security controls and deploy ransomware. Learn how adversaries exploit these flaws and how to streng...
A great read on the exploitation of VMware vulnerabilities - from both attacker and defender perspectives - plus practical recommendations to strengthen your security posture.
"Breaking the Virtual Barrier: From Web-Shell to Ransomware"
www.sygnia.co/threat-repor...
#infosec #blueteam
29.03.2025 20:22
Fake-Shops von der Stange: BogusBazaar (Off-the-Shelf Fake Shops: BogusBazaar)
You order online? Of course you order online. But this time your goods will not be delivered. Instead, your money...
A criminal organization behind more than 75,000 fake shops, >1 million orders & >$50M in damage. A look into their sophisticated system & how they deceive buyers.
#38C3: "Fake-Shops von der Stange: BogusBazaar" with @kaibiermann.bsky.social and kantorkel.
media.ccc.de/v/38c3-fake-...
#infosec
02.01.2025 10:51
The electronic patient record (ePA) arrives in January - is an opt-out sensible? - Datenschutz - Unter dem Radar
Datenschutz - Unter dem Radar
What data does the electronic #Patientenakte contain, and what does it mean for medical confidentiality?
12.12.2024 23:16
Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization | CISA
That's a Cybersecurity Advisory worth reading, with many important points to note.
Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization
www.cisa.gov/news-events/...
#infosec #blueteam
24.11.2024 13:54
LOLESXi
LOLESXi features a comprehensive list of binaries/scripts natively available in VMware ESXi that adversaries have utilised in their operations.
lolesxi-project.github.io/LOLESXi/
#infosec #pentest #redteam #blueteam
08.11.2024 12:36
DEF CON 32 Main Stage Talks - YouTube
Exciting news for all hackers and tech enthusiasts! The #DEFCON32 talks are now available on YouTube!
youtube.com/playlist?lis...
#infosec #pentest #redteam #blueteam
18.10.2024 18:36
2024 | BigBrotherAwards
The 24th BigBrotherAwards took place on 11 October 2024 at the Hechelei in Bielefeld. A preliminary version of the livestream can be found on our
Exciting & entertaining: every year the #BigBrotherAwards honor the biggest data sinners in business & politics!
BigBrotherAwards 2024: winners, pictures and livestream at bigbrotherawards.de/2024
Also available in English: bigbrotherawards.de/en/2024
#infosec #BBA24
17.10.2024 11:17
LeHack 2024 - NetExec workshop writeup
Like every year at LeHack, I was lucky enough to take part in mpgn's Active Directory workshop. The aim of the workshop was to compromise an Active Directory environment and become a Domain Admin of 2...
A nice write-up by Rayan Bouyaiche of @mpgn's Active Directory workshop at LeHack 2024. The workshop aimed to compromise an Active Directory environment and become DA of two domains as quickly as possible using only NetExec.
www.rayanle.cat/lehack-2024-...
#infosec #pentest #redteam
19.07.2024 19:02
CISA Red Team's Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth | CISA
That's a Cybersecurity Advisory worth reading.
CISA Red Team's Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth
www.cisa.gov/news-events/...
#infosec #blueteam
17.07.2024 11:56
MAILFAIL
MailFail is a Firefox browser extension that identifies and provides commands to exploit a large number of email-related misconfigurations for the current domain and subdomain.
m.ail.fail
#infosec #pentest #redteam #blueteam
08.07.2024 11:50
Bypassing EDR NTDS.dit protection using BlueTeam tools.
During an internal penetration test, Cortex EDR was installed in the domain controller. After obtaining Domain Admin privileges on the...
An alternative method to retrieve NTDS hashes from a domain controller after obtaining Domain Admin privileges on the network.
Bypassing EDR NTDS.dit protection using BlueTeam tools.
medium.com/@0xcc00/bypa...
#infosec #pentest #redteam #blueteam
07.07.2024 19:31
DFIR Breakdown: Kerberoasting
Kerberoasting allows attackers to determine sensitive passwords and the most common place for detecting this attack is on the domain controller. In this
Kerberoasting allows attackers to extract and crack service account passwords from a domain controller. This blog post will look into the details of Kerberoasting from a DFIR perspective.
DFIR Breakdown: Kerberoasting
www.cybertriage.com/blog/dfir-br...
#infosec #blueteam #dfir
04.07.2024 22:44
GitHub - srlabs/Certiception: An ADCS honeypot to catch attackers in your internal network.
Certiception is a honeypot for Active Directory Certificate Services (ADCS), designed to trap attackers with a realistic and attractive bait that triggers highly relevant alerts.
github.com/srlabs/Certi...
#infosec #blueteam
03.07.2024 17:53
X: https://x.com/CyberCakeX
GitHub: https://github.com/HotCakeX/Harden-Windows-Security
Security Blog: https://spynetgirl.github.io
YouTube: https://www.youtube.com/@hotcakex
🇬🇧 | Senior Threat Intelligence Advisor at Team Cymru | Co-author SANS FOR589 | Co-founder Curated Intel
Cisco Talos defends Cisco customers with trusted global cybersecurity intelligence. Support requests: https://talosintelligence.com/support
Threat Detection & Response. Interested in cyber security, tech and politics. Views are my own, unless retweeted.
CCC | Dragon Queen fighting for digital rights | Mostly Coding
Shooting the messenger will not solve the problem
Editor, Investigations and Data | Investigative Reporter @DIEZEIT
PGP: 5356 E18D 028D 2A17 D95C 00A9 3816 1797 D451 8B42
Threema: PHT4ZBYM
@kaibiermann@mastodon.online
https://de.wikipedia.org/wiki/Frank_Rieger
Mastodon / Fediverse: @frank_rieger@chaos.social
Column: https://steadyhq.com/en/realitatsabzweig/posts
The Chaos Computer Club is a galactic community of life forms for freedom of information and technology assessment. https://ccc.de
Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.
CEO and founder of runZero.com, previously the founder and lead developer of Metasploit, a CSO, a consultant, and the head of various security research teams. Contact info, presentations, and more at https://hdm.io/
Hacker. Friend. Cybersecurity Researcher at Huntress.
Web App (mostly) Hacker | Cybersecurity Educator | Content Creator | Ex-Brit | Links: http://linktr.ee/tib3rius (he/him) 🇺🇸 A mostly unserious person. @therealc3rul34n.bsky.social is bae 🥰
I am a nerd that started a company almost 15 years ago. Secure Ideas is a security consulting firm focused on helping clients have the best penetration testing experience. I am also an IANS faculty member and currently an OWASP global board member.
Hacker / Creative
Mischief & GOOD VIBES ONLY
Past: Host of "Tribe of Hackers"; Assoc. Producer "Darknet Diaries."
Current: Cybersecurity researcher and executive. Also, father of the fastest climber who has ever lived. Seriously.
Warning: I talk about my son ALOT
"Ut scandis, alios subleva."
Security Researcher at Google Project Zero. 0-days all day. Love all things reverse engineering. she/her
hacker, poster, weird machine mechanic
https://chompie.rip
Resources for Open Source Intelligence Investigations. Follow the Digital Bread Crumbs. #OSINT #OSINTCurious linktr.ee/osint.techniques