Stick Dave

@sherrod_im Bring back kick and ban

I’m going to bring back IRC.

@ItsReallyNick me, when shopping for whiskey. I don't want to waste my liver on crappy booze.

I would love to know who actually clicks Sort: By Price (High to Low) to buy stuff

@vxunderground Should have installed some AV Bro.

Chat, I've got a temperature of 104.2f (40.1c). I do NOT feel good. I went to the doctor and this nerd with a clipboard told me I had some made up mumbo jumbo called "Influenza Type A". I said, "whatever nerd, I'm not gonna let the system hold me down" (it's holding me down)

REMnux based on Ubuntu 24.04 (Noble) is available now, along with a new, more resilient installer. Available as prebuilt VMs for VMware, Proxmox and VirtualBox, as well as a Docker container. Get your malware analysis toolkit from REMnux.org.

@LitMoose Are you sure it is normies? Maybe you offended all the bots on here.

@noottrak Live view of my every 2nd or 3rd sentence with the wife

@realstickdave YES

having a mumbly friend is the worst

@_0b1d1 PDF

🛡️ Master Windows Server Hardening with Group Policy Security (GPO) Want the full breakdown? ✉️Comment “PDF” for the complete guide.

@dafr0g_ IPv6 is the networking version of this is the year of Linux on the desktop.

IPv6 is what happens when you design by committee. NAT is what happens when one pissed off developer needs more addresses at 3AM but doesn't want to beg.

@James_inthe_box @noottrak

@noottrak and in the pipe ;)

the board is green and everything is 5 x 5

@inversecos @vxunderground Not fair Lina.

@vxunderground PLS HELP ME. im so lost and i need UR help :3 OwO u r the smartest guy i have ever met in my life 😵‍💫 im so impressed by ur technical skill

The craziest thing about the entire Scattered Spider trilogy is how simple they operated and how effective it was They didn't utilize 0day exploits. They didn't utilize novel and "undetectable" malware. They didn't exploit N-days or try to find vulnerable external facing machines. All they did was call the help desk. That's it. That's literally it. Scattered Spider performed basic reconnaissance from social media (LinkedIn), investor websites, and dug up any information they could about the company. Then they called the help desk. That's how they compromised banks, critical infrastructure, casinos, car manufacturers, petroleum companies, luxury brands, government entities, air lines, and record labels. Once they got access they used basic open source tooling from GitHub. It was never anything super fancy. All of these companies invested heavily into Threat Intelligence, SOC analysts, Endpoint Detection Response software, DFIR experts, and anything else you can think of and it was defeated by doing basic research on the company and calling the help desk We're so fucked

@HackingLZ As long as you secure it as you would a c2, I don’t see the problem.

Can we stop acting surprised EDR is a C2 we have been discussing this for years now 🤣

@inversecos That sounds pretty good, I am going to workshop that one.

cover letters are basically corporate fan fiction tf you supposed to write 😩 “Nothing excites me more than logging into Entra ID…”

@vxunderground You could have been famous for the largest hack in history, but

> do largest supply chain attack in history > potentially infect millions of apps > doesnt do the thing good > makes $0 from compromise I don't wanna support the villain here, but my guy, you gotta lock in. You could have infected hundreds of millions of apps and you FUMBLE IT

@IceSolst @HackingLZ Suck it IPv6!

We’re like 15 years into IPv4 getting allegedly depleted, and most people still have never touched an IPv6. Firewall rules? v4. External netpen scope? Believe it or not, v4. Splunk monitoring rules? Only v4.

Well alright then