default itsec guy

@_RastaMouse Some are unemployed now, some work 5 days. So on average we're there

If AI is so productive, why are we not just working 1-2 day weeks?

@dcuthbert SAP so beautiful?

ServiceNow is the Lotus Notes of this generation. A UX designed by people with no eyes

@MantodeaSec @BigM1ke_oNe @kingcope_MTD What, kingcope is alive and active??? Omg

We are excited to announce that in the past months both @BigM1ke_oNe and @kingcope_MTD have joined our team. 💪 We are proud to welcome such renowned experts to our team.

Living on the Edge: Evicting threat actors from perimeter appliances youtube.com/watch?v=ZzGCs9…

@vysecurity Can't compare non open source to open source. Think about costs and limitations

I think the latest Opus and Gemini 3 just did a game over to the Chinese open source models...

found old stuff like PE compressors from 2002 ... wonder what to do with it

We know that Microsoft improved the overall printing security in 2025, now using DCE/RPC for callback, you can force NTLM local auth and reflect back machine auth even without CredMarshalTargetInfo() trick 😇

All my recent activity wasn't for nothing...I'm pleased to announce that I'll be speaking at @DistrictCon with @natashenka about a 0-click to kernel exploit chain for the Pixel 9 in January!

This is underrated and has worked forever

Lol "ZDI has marked all 13 issues as zero-day vulnerabilities, given Ivanti’s failure to release fixes in accordance with responsible disclosure deadlines." cyberinsider.com/zdi-drops-13-u…

@CyberWarship Didn't try it, but I doubt it will bypass Falcon or MDE

''Bypassing EDR using an In-Memory PE Loader'' #infosec #pentest #redteam #blueteam g3tsyst3m.com/fileless%20tec…

CODE WHITE proudly presents #ULMageddon which is our newest applicants challenge at apply-if-you-can.com packaged as a metal festival. Have fun 🤘 and #applyIfYouCan

Tired of dull, standard interviews? Talk to Kurt. Also, a few of my colleagues and I will be attending BruCON next week. Feel free to come and talk to us.

@TwoSevenOneT As admin you can do anything 😄

#redteam You can exploit the update functionality vulnerability of #Windows Defender to move its executable folder to a location of your choosing. After that, you can use DLL Sideloading for persistence, inject code, or simply disable it... #blueteam

@ShitSecure Same for clipboard etc, but server can enforce

Best Citrix Breakout ever. You can only download .ica files that provide access to certain local applications but breakout out of these applications is not possible? Just modify the .ica file before starting it and remove The InitialProgram= value -> Full Citrix Session! 🤓

@joernchen @nullcon One has a shirt the other a t-shirt. Maximum confused

Be careful out there, identity theft is real!

We always love a good challenge. That’s why we’re sponsoring the 10th FAUST CTF. Game on at 2025.faustctf.net

@rad9800 How you build sandbox when you don't have access to console and logs. Wtf post of the day

EDR vendors secure their sales pipelines but neglect monitoring GitHub for exposed installer tokens -leaving customers vulnerable to abuse and over-licensing. Adversaries likely exploit these tokens to build sandboxes for payload testing. Here are search patterns to help identify these exposures and push vendors toward better security practices: CrowdStrike: Base: - Falcon - falconctl - CrowdStrike - FalconSensor_Windows Filters: - /[A-Za-z0-9]{32}-[0-9]{2}/ Example Queries: crowdstrike /CID=[A-Za-z0-9]{32}-[0-9]{2}/ NOT owner:crowdstrike - crowdstrike falcon /[A-Za-z0-9]{32}-[0-9]{2}/ NOT "1234567890ABCDEF1234567890ABCDEF-12" SentinelOne: Base: - SITE_TOKEN - sentinelctl - SentinelOne - SentinelOneInstaller Filters: - 5zZW50aW5lbG9uZS5uZXQiL - eyJ1 Example Queries: - SITE_TOKEN 5zZW50aW5lbG9uZS5uZXQiL - Sentinelone language:powershell eyJ1 Carbon Black: Base: - COMPANY_CODE - installer_vista_win7_win8 Filters: - /COMPANY_CODE=[A-Z0-9]{19}/ Example Queries: - installer_vista_win7_win8 /COMPANY_CODE=[A-Z0-9]{19}/ Note: Add "s3" to any base term search to find publicly hosted installer binaries. Vendors must apply the same rigor to token management as they do to sales - protecting customers from licensing abuse and denying threat actors easy sandbox setup.

@SkelSec I'm sure it's a mistake errr I mean duplicate

Update: MS sent a message that this might be eligible for a bounty and should give them more info. I just.... ehhhh

@mrgretzky 🤣🤣🤣 my longest may have been m.youtube.com/watch?v=14L4S1…

@bongoalex I once watched a full playthrough of UFO: Enemy Unknown 🥲

Protip to get marked as an adult: For the next two weeks watch only classic rock and stay off those Roblox videos! Thank me later 😜