Richard Rushing

Finding misconfigs in Active Directory is free…outside of your time. Here are 9 of my favorite tools (all free): Overall - PingCastle/PurpleKnight Permissions - ADeleg/ADeleginator* Attack paths - BloodHound Applocker - Applocker Inspector* ADCS - Locksmith Logon scripts - ScriptSentry* GPO - GPOZaurr * = utterly biased, tools I made

Fraud Tools, Tactics, and Techniques (FT3) is Stripe's adaptation of ATT&CK-style security frameworks, specifically designed to enhance our understanding of the tactics, techniques, and procedures (TTPs) used by actors in fraudulent activities github.com/stripe/ft3

🍍📟

I see Fortinet is firing back. Apparently my GitHub profile now qualifies as a malicious website in their web filtering appliances. (Okay, probably just an automated trigger on APTSimulator or the ransomware simulator repo. But maybe … )

@cyb3rops You know you are making a difference, when you get banned. You have #Arrived😁.

Hold my beer?

@Jr0dR87 Well AI says This image shows a street scene in New York City, likely 55 Central Park West, known as Spuyten Duyvil Apartments. This building is famous for being Dana Barrett's apartment building in the movie Ghostbusters.

OSINT challenge. This location is from my favorite movie. Can you guess the movie and what location this is from in that movie? I am an 80s kid so that's the hint.

I used to be very frustrated when security researchers published detailed vulnerability reports - meticulously describing every step of the discovery process but failing to include indicators of compromise or exploitation. It’s not about writing detection rules for us. Just sharing a log snippet, suspicious process behavior, or anything else observed during successful exploitation would be incredibly valuable. Better handover between researchers and defenders means faster, more effective responses.

🤓 Reverse Engineering and LLMs, 2 years ago when I created my first agent for RE, it was already pretty impressive. Fast forward to today, more people are using LLMs for reverse engineering. So here are a few tools for RE you might want to check out: ➡️ Radare AI: github.com/radareorg/r2ai ➡️ IDA Pro MCP: github.com/taida957789/id… ➡️ MCP for Ghidra: github.com/LaurieWired/Gh… And this is just the beginning. What comes next is building smarter RE agents by connecting them with external tools, plugins, and knowledge sources 😉 **The screenshot below is a MCP connected to a flare-on challenge.**

Installing Your Own Command and Control Server on Kali Linux hackers-arise.com/post/command-c…

Taken from a secure chat 🤣

9 Platforms to Get FREE Cybersecurity E-Books 1. PDF Drive 2. Heimdal Security 3. CollegeLearners 4. Endureka 5. Freetechbooks 6. Free Computer PDF 7. Online Programming Books 8. Infobooks 9. Simplilearn

IngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX by @wiz_io this is bad wiz.io/blog/ingress-n…

Day 2 at #BHMEA24’s Capture the Flag is in full swing. 💰 SAR 1,000,000 on the line. 💻 250 teams, 1,000 minds in a race against time. ⚡ Witness strategy, precision, and speed collide as teams battle for the crown. The final round is coming—be there to see who dominates the cyber battlefield. Register today: bit.ly/3B95Cn7 #cybersecurity #informationsecurity #blackhatmea #BlackHat_At_Malham #BHMEA24

Up close with one of the brightest minds in the industry 🙌 Gary Hayslip, CSO of Softbank Advisors, took the stage for an exclusive book signing, sharing his insights and connecting with cybersecurity enthusiasts. #BlackHatMEA2024 #Cybersecurity #BookSigning #BlackHat_At_Malham

The #BHMEA24 Activity Zone by HABOOB is where theory meets hands-on challenges. ⚙️Critical infrastructure Security Hacking. 🔑 Lock Picking. 🔧Hardware Hacking. Are you ready to jump in? Register now: bit.ly/3B95Cn7 #BHMEA24 #blackhatmea #BlackHat_At_Malham

Dr. Kevin Jones took the stage to share groundbreaking insights on The AI Race in Cyber Security: A Corporate View. This is the thought leadership you won’t find anywhere else. Catch more like this at Black Hat MEA 2024— bit.ly/3B95Cn7 #BHMEA24 #blackhatmea #BlackHat_At_Malham