David S 🇺🇸

AV/EDR Lab Environment Setup A curated list of various resources helpful in building own malware-centric research lab. A post by Udayveer Singh (@m4lici0u5) Source: an0nud4y.notion.site/AV-EDR-Lab-Env… #redteam #blueteam #maldev #malwaredevelopment

👁️ LOLC2 Collection of C2 frameworks abusing legitimate services to evade detection Major update: new projects tested, enriched data, and deeper insights. site: lolc2.github.io github: github.com/lolc2/lolc2.gi…

NEW - U.S. server maker Super Micro's co-founder Yih-Shyan Liaw, and two others, arrested for smuggling $2.5 billion in machines with high-end Nvidia AI chips into China — Fortune

Learn AI security by breaking it. Join us in Arlington at #AISummit (Apr 20–21) for 2 days of talks & workshops, including a hands-on session with Maryam Mouzarani & Aruneesh Salhotra hacking AI systems to exploit vulnerabilities — and secure them. ➡️ sans.org/u/1CNB

🤓 Last month Google Threat Intelligence published a report on how attackers are leveraging AI and abusing Gemini. They uncovered a malware framework named HONESTCUE. It uses the Gemini API to generate C# payloads on demand. I extracted and referenced the prompts used by this malware into PromptIntel. Check this out 👇 promptintel.novahunting.ai/feed

Boggy Serpens, an Iranian state-sponsored threat group, now uses AI-assisted malware development and advanced evasion techniques. Our research details their evolving cyberespionage tactics. Read the full analysis to understand their techniques: bit.ly/4cNmLTZ

Investigation Scenario 🔎 Browser history for an HR user shows repeated visits to chat.openai[.]com, followed by creation of C:\Users\chris\AppData\Local\Temp\cleanup[.]ps1. The file is not available, and the hash shows no matches in OSINT resources. What do you look for to investigate whether an incident occurred? #InvestigationPath #DFIR #SOC

Just released DriverExplorer — a Rust utility for exploring Windows kernel drivers. • Enumerate loaded drivers • Easily Load / Unload drivers • Built for Windows kernel devs & security researchers: github.com/orinimron123/D…

ShadowBroker is a real-time OSINT dashboard that tracks everything on one map. - Aircraft, ships, and satellites - Earthquakes and conflict zones - CCTV networks and GPS jamming - Breaking geopolitical events All live. All open source. The world has never been this visible to anyone with a browser. github- github.com/BigBodyCobain/…

SkyOSINT Real-time tracking of 16K+ objects on the sky. Allow to analyze anomalies, maneuvers, conjunctions and behaviorGEO. skyosint.io #geoint

🤖 IBM X-Force found AI-generated #malware Slopoly used by Hive0163. The PowerShell backdoor persists for days, beacons every 30s, and runs commands from a remote C2. AI didn’t make it advanced — it made malware faster to build. 🔗 Read here → thehackernews.com/2026/03/hive01…

A humble come back from the dead. For more blogs on The Hacking Diaries this 2026 the-hacking-diaries.com/intercepting-i…

A really nice Cross-Site Leak writeup.  XSS-Leak by @salvatoreabello For client-side hackers, you would love this in your arsenal because it relies on browser architecture (Chromium) rather than a specific implementation bug in a website. Since Google marked it "WAI" (Works As Intended), this vector is still open for further exploration. Blog 👇 blog.babelo.xyz/posts/cross-si…

🚨 ALL FREE CERTIFICATION RESOURCES 🚨 📘 AWS 👉 drive.google.com/drive/mobile/f… 🔐 CISSP 👉 drive.google.com/drive/mobile/f… 🛡️ CISA 👉 drive.google.com/drive/mobile/f… 📊 CISM 👉 drive.google.com/drive/mobile/f… ⚠️ CRISC 👉 drive.google.com/drive/mobile/f… 📈 Digital Marketing 👉 drive.google.com/drive/mobile/f… 🔁 Retweet to help others

🌐 The dark web is a goldmine for OSINT investigators. Leak sites, forums, and underground marketplaces are only accessible with onion browsers like Tor Browser. Learn how investigators use them 👇 osint.industries/post/osint-and…

Link to the GOAD project : github.com/Orange-Cyberde…

🔥🐉 New GOAD Lab: DRACARYS I’ve just released a new free lab environment on GOAD: DRACARYS. The challenge includes 3 VMs and the objective is simple: Start with no authentication and work your way up to Domain Admin. Have fun exploiting it! 🔥🐉 mayfly277.github.io/posts/Dracarys…

🛠️ Game Reverse Engineering with Cheat Engine & IDA Pro The view matrix is the bridge between 3D world space and your 2D screen. This tutorial shows you how to locate it in memory and use it to build a WorldToScreen function. 👉 youtu.be/crT9zGviqVs

Homelab with Active Directory and SIEM for security training github.com/0xMR007/Lab4Pu…