cat name | less

@Teach2Breach @rez0__ Increased velocity of threat and criticality of response, would seem to indicate that expert level offensive and defensive security would be more important going forward, not less.

isnt this going to obliterate the reward for finding bugs? won’t the cost of finding bugs be reduced to a cost of compute and likely drive bug bounty rewards down toward that? i dont see why this is exciting outside the very short term. its concerning and i dont see anyone saying what happens next or what everyone in the security industry is supposed to do once software and security become obsolete due to the velocity of offense far surpassing defense react time. im confused why i should be happy about this and why i should help feed the thing that is going to eat the industry. people say its still a tool, but lets be real, its probably already more useful than most pentests you can buy, it wont be long before no one cares to have a security person run the tool and they just make their dev teams use it. im trying not to doompill but im shocked that people working in security are not more concerned about their ability to remain employed in the near to medium term

if you think im just some dumb dumb thinking claude can find bugs and all my examples are wrong, just watch 15 min of this talk 😝 youtube.com/watch?v=1sd26p…

@checkymander Is Sloperator a new tier below skid? Above skid? Does it assume you use AI to create tools? What does the new leetness pyramid look like?

Slop tweet for slop c2

@nickvangilder @anton_chuvakin If you’re not doing things at least somewhat insecurely, you can’t move fast enough to keep up. You have to compromise somewhere. That is the wisdom of defense in depth, least privileges, and blast radius reduction.

We spend all this time and money trying convince our user base to be less trusting and more cynical. We subject them to phishing simulations. We have identify verification procedures for them to follow (thanks Scattered Spider!). We harp on them to never blindly approve push notifications. Yada yada yada. …and then we turn around and pip install litellm Sometimes I wonder what our average non-techy non-security users think of us.

@_xpn_ Agents fall into this trap too if you try to have them run the eval for you.

Watching my Claude agent heading into a nosedive during eval and trying to not interfere must be a similar to nature documentarians seeing a lion approaching a buffalo... You know not to interfere... but it's so hard!

@checkymander @nickvangilder

@nickvangilder We already have that x.com/impratikdabhi/…

We need a new industry cert: Certified Red Team Sloperator (CRTS)

@HackingDave @skept1kal Skill finding skills and prompting for agents to go proactively use them are a force multiplier

Think of a fleet of 24/7 workers that look at all of your analysts responses - look at the submissions from edrs siems event logs etc - and when things are like hmm maybe I dunno 100% - it looks at that and says well how do I get to a 100% I do know.. I need either more data or I need to be trained more in incident response or web apps or this specific technology. It enrolls the agent to learn more about that topic goes through all training classes and now knows this in the future

@sergical @steipete I got this working this weekend by changing all the anthropic agents to us.anthropic version. Also there was some hook defaulting to anthropic api. Idk I took a page out of your book and had kiro-cli run through things for me.

@catpipeless @steipete i got it setup in my own instance, mostly tried to document it here, most of it was claude code doing the setup, i try to stay away from devops. this is a very opinionated setup though: github.com/sergical/openc…

Great guide how to setup @openclaw on AWS for free.

@sergical @steipete @openclaw We’re you able to get this to work? I’m trying this now from a fresh install and it seems to be stuck on a lack of auth-profiles?

I just tried setting this up with aws cli using EC2 instance IAM roles for Bedrock models and it almost worked. If anyone's curious how to set it up github.com/clawdbot/clawd… the key is clawdbot uses env variables to check for bedrock but you can trick it with a default profile and fall back on instance IMDS creds

@arekfurt Always happens when lawyers and PR take over a place

Who at Crowdstrike possibly had the idea that this was the right way to do this? And how was there no one else around who was inclined or willing to say "No. We're not insulting people this way. Just call them vulnerabilities."?

@HackingLZ @m19o__ If they had done that it likely wouldn’t have gotten off the ground or gotten as far. Maybe there was a chance like 2/3 years into it to turn up the heat but still have enough vendor pressure to keep everyone else in.

@m19o__ I think everyone knows it was a PR game. I wish MITRE would have put the screws to everyone and made it a challenge but here we are.

Nobody is surprised by comments like this

Principle of least privilege in a GIF

@_RastaMouse Hmmm, the last time I tried this the teamserver just kept sending frames and the tcp connection to the external server was reset when I didn’t respond or just resent the previous frames. Changing the sleep in the implant didn’t seem to change this behavior.

@catpipeless sleep 180 30 done.

Not sure why, but I suddenly have the urge to write a mini-course on External C2.

@techspence I believe you. But just to be pedantic. That screenshot is rubeus, and I had to submit the sid when I requested the certificate via certify.

@catpipeless yeah, tried that..

Has anyone seen this error when attemptin to abuse an ESC1? "KRB_AP_ERR_USER_TO_USER_REQUIRED"

From here github.com/praetorian-inc…

@SecurePeacock Been happening for at least a year

Some EDRs are now tagging all activity from some BAS solutions with an informational level alert, so everything is detected 👀 100% Detection Coverage! But not really…

A little over a year ago I published research on how you could leverage non-production AWS API endpoints to enumerate permissions without logging to CloudTrail. A year later...I'm still finding them. Red Teamers, these can be super useful and really up your game!