JSTCyber LLC

Microsoft-Analyzer-Suite. collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID github.com/LETHAL-FORENSI…

🧠 𝗔𝗴𝗲𝗻𝘁𝗶𝗰 𝗦𝗢𝗖 𝗣𝗹𝗮𝘁𝗳𝗼𝗿𝗺 — 𝗔𝗜-𝗗𝗿𝗶𝘃𝗲𝗻 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗢𝗽𝘀 Automate detection → analysis → response • AI agents (LangGraph, Dify, local LLMs) • Built-in SIRP for incident response • Works with SIEM (Splunk, ELK/Kibana) • Webhook + Redis stream processing • Real-time + event-driven workflows • Modular, plugin-based architecture • Full local deployment (data control) • Python-based, easy integration Turns alerts into actionable security workflows github.com/FunnyWolf/agen… #SOC #ThreatDetection #CyberSecurity

🧠 AI-Powered Red Team — 28 Specialized Agents for Offensive Security 🤖🔥 Turn Claude into a full pentesting team. • 28 agents (Recon, AD, Web, Cloud, Mobile) • Auto task routing → correct agent • Real tools support (nmap, sqlmap, nuclei, BloodHound) • Recon → Exploit → Report Link: github.com/0xSteph/pentes… #AI #RedTeam #Pentesting #CyberSecurity #Infosec

claude-red is a curated library of offensive security skills designed for the Claude skills system. Each skill is a structured SKILL.mdfile that primes Claude with expert-level methodology for a specific attack surface from SQLi to shellcode, EDR evasion to exploit development. Resource: github.com/SnailSploit/Cl…

🔨BlueHammer: When Defender Becomes the Attacker A Windows zero‑day (“BlueHammer”) flips Defender’s update workflow into a privilege escalation path. I’ve built a detection that goes beyond signatures — catching the behavioral traces this exploit leaves behind. Technical Analysis: cyderes.com/howler-cell/wi… KQL Code: github.com/SlimKQL/Detect… #CyberSecurity #BlueHammer #DetectionEngineering #DefenderXDR

Token Replay Blind Spot Your SOC monitors sign-in logs. Good. Does it monitor AADNonInteractiveUserSignInLogs? That's where token replay lives. The attacker stole a session token. They're not signing in again — they're refreshing the existing session. It shows up as a non-interactive sign-in from a different IP and user agent, with the same token. If you only alert on interactive sign-ins, you're watching the front door while they use the window. The Entra ID Security course covers this in depth — token lifecycle, where replay hides in the logs, and the KQL to catch it. 19 modules, first 2 free, no account needed. Access to Course Material: training.ridgelinecyber.com/courses/entra-…

Detection lists for SOC DFIR github.com/mthcht/awesome…

Added some more #KQL queries to the repo. 🏹 - Scheduled Task AppData - Defender AV Exclusion Events - Rare .lnk File Created on Desktop github.com/Bert-JanP/Hunt… The queries were already supported in #KustoHawk

🚨 New Darkweb Threat Intelligence Live Dashboard We’ve updated our Threat Intelligence live dashboard. Just provide any domain name, and we can generate a full intelligence report instantly. The report includes exposure insights such as: • Compromised credentials • Leaked documents • Infected machines • Dark web intelligence 🔎 See an example: info.mole-lab.org/stealthmole_ex…⁠ We also support 8 different real-time alert integrations. 📩 Interested? Contact us: sales@stealthmole.com #ThreatIntelligence #CyberSecurity #DarkWeb #OSINT #CTI

Red Team Operations Architecture Map A single HTML file that covers the full kill chain from infrastructure setup to impact. It maps out how techniques actually chain together - 28 attack flow chains showing real-world operator workflows, from initial access through lateral movement to domain compromise. Things like ZIP → LNK → DLL Sideload, Device Code Phish → Token Theft → Cloud Lateral, NTLM Reflection → LDAPS Relay → Full Domain Compromise. 119 technique cards broken down across C2, evasion, injection, persistence, credential access, privilege escalation, AD attacks, cloud ops, MOTW bypass, vishing, AI-assisted operations, and more. Each card covers the why, not just the what detection surfaces, OPSEC tradeoffs, and vendor-specific nuances for CrowdStrike, Cortex, SentinelOne, and Defender. No frameworks, no dependencies. One HTML file, works offline, open it in a browser and go. Source: kypvas.github.io/red-team-map/

🚨BREAKING: Anthropic just dropped free courses to master AI with certificates. No tuition. No waitlist. No BS. Here're 10 courses that will replace a $50K degree👇

New AWS cheat sheet to help you secure your models, data, and endpoints at scale. You'll learn: - A real-world case of AI abuse in AWS - 6 proven steps to harden AI workloads - How Wiz AI-SPM enhances AWS-native controls

⚠️ Claude Code Hacked to Achieve Full RCE and Hijacked Organization API Keys | Source: cybersecuritynews.com/claude-code-ha… Critical vulnerabilities in Anthropic's Claude Code, an AI-powered command-line development tool. The flaws could allow attackers to achieve Remote Code Execution (RCE) and exfiltrate Anthropic API keys by exploiting project configuration files. Claude Code allows developers to delegate tasks directly from their terminal. To facilitate team collaboration, it supports project-level configurations through a .claude/settings.json file stored directly in the repository. Malicious configurations could trigger unintended actions on a developer's machine, effectively turning a passive setup file into an execution vector. #cybersecuritynews

If you use AI daily, save this. 🔗 github.com/f/prompts.chat One of the biggest open-source prompt libraries on the internet. • 140K+ GitHub stars • Works with ChatGPT, Claude, Gemini, Llama, Mistral • Community-curated prompts for real use cases • 100% free & open-source • Easy to fork and customize Old repo but still goated 🐐

Another Learning Opportunity! Microsoft Defender for Cloud and Microsoft Defender for Endpoint – Comprehensive Guide charbelnemnom.com/azure-security… #Microsoft #Azure #Blog > Please RP if you like it!

AI/ML Pentesting Roadmap for Beginners github.com/anmolksachan/A…

🔥 You can now ask Kali Linux tools in plain English — powered by Anthropic Sonnet 4.5. Through MCP, Claude SSHs into Kali to run tools like nmap, gobuster, nikto, hydra, sqlmap, metasploit, john, wpscan, enum4linux-ng, checks dependencies, and returns results in-app. 🔗 Read about it here → #ai-powered-command-execution" target="_blank" rel="nofollow noopener">thehackernews.com/2026/02/threat…

Azure Storage Account Attacks and Detections, by @Haus3c hausec.com/2025/12/15/azu…

Forensic Analysis of Windows 10 and 11 Event Logs, by @ElcomSoft blog.elcomsoft.com/2026/02/forens…

Stop wasting hours trying to learn AI. 📘📚 I have already done it for you. With one list. Zero confusion. And no fluff 📹 Videos: 1. LLM Introduction: lnkd.in/dMqbaZdK 2. LLMs from Scratch: lnkd.in/dYYwEhYy 3. Agentic AI Overview (Stanford): lnkd.in/dArmMt2i 4. Building and Evaluating Agents: lnkd.in/dBWd2W8u 5. Building Effective Agents: lnkd.in/dHfdebqw 6. Building Agents with MCP: lnkd.in/dXuNHrRJ 7. Building an Agent from Scratch: lnkd.in/da3ANw3w 8. Philo Agents: lnkd.in/dq-BfZE5 🗂️ Repos 1. GenAI Agents: lnkd.in/d3UDtwwv 2. Microsoft's AI Agents for Beginners: lnkd.in/dHvTmJnv 3. Prompt Engineering Guide: lnkd.in/gJjGbxQr 4. Hands-On Large Language Models: lnkd.in/dxaVF86w 5. AI Agents for Beginners: lnkd.in/dHvTmJnv 6. GenAI Agentshttps://lnkd.in/dEt72MEy 7. Made with ML: lnkd.in/d2dMACMj 8. Hands-On AI Engineering:lnkd.in/dgQtRyk7 9. Awesome Generative AI Guide: lnkd.in/dJ8gxp3a 10. Designing Machine Learning Systems: lnkd.in/dEx8sQJK 11. Machine Learning for Beginners from Microsoft: lnkd.in/dBj3BAEY 12. LLM Course: lnkd.in/diZgGACG 🗺️ Guides 1. Google's Agent Whitepaper: lnkd.in/gFvCfbSN 2. Google's Agent Companion: lnkd.in/gfmCrgAH 3. Building Effective Agents by Anthropic: lnkd.in/gRWKANS4. 4. Claude Code Best Agentic Coding practices: lnkd.in/gs99zyCf 5. OpenAI's Practical Guide to Building Agents: lnkd.in/guRfXsFK 📚Books: 1. Understanding Deep Learning: lnkd.in/dgcB68Qt 2. Building an LLM from Scratch: lnkd.in/g2YGbnWS 3. The LLM Engineering Handbook: lnkd.in/gWUT2EXe 4. AI Agents: The Definitive Guide - Nicole Koenigstein: lnkd.in/dJ9wFNMD 5. Building Applications with AI Agents - Michael Albada: lnkd.in/dSs8srk5 6. AI Agents with MCP - Kyle Stratis: lnkd.in/dR22bEiZ 7. AI Engineering: lnkd.in/gi-mQcXa 📜 Papers 1. ReAct: lnkd.in/gRBH3ZRq 2. Generative Agents: lnkd.in/gsDCUsWm. 3. Toolformer: lnkd.in/gyzrege6 4. Chain-of-Thought Prompting: lnkd.in/gaK5CXzD. 🧑🏫 Courses: 1. HuggingFace's Agent Course: lnkd.in/gmTftTXV 2. MCP with Anthropic: lnkd.in/geffcwdq 3. Building Vector Databases with Pinecone: lnkd.in/gCS4sd7Y 4. Vector Databases from Embeddings to Apps: lnkd.in/gm9HR6_2 5. Agent Memory: lnkd.in/gNFpC542 Repost for your network ♻️