0x000F. @npub10uju...u6de exit()s GOOG.
npub1glq0...xz2n
Is it just me or does anyone else think it's weird that Windows is moving from password-based auth to PINs?
You call it "Hacker Summer Camp" and you don't even camp...<snark />
Fun observation, for orgs that use traditional-style DNS implementations, you may be able to date their maintenance practices by looking at their SOA records to see what date the serial last got incremented. Looking at a domain that hasn't changed since 2018...
Interesting links of the week:
Strategy:
* .pdf - have you heard of Pall Mall?
Threats:
* - RUMINT on IL activity vs IR
Detection:
* https://www.hub.trimarcsecurity.com/post/the-art-of-the-honeypot-account-making-the-unusual-look-normal - building better honeypots
* https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/4197438/nsa-asds-acsc-and-other-agencies-publish-three-cybersecurity-information-sheets/ - SIEM guidance from the "spooks"
Exploitation:
* - @npub1hxjn...yrj7 continues his countdown to BH and DC
* .pdf - modern obfuscation
Data:
* - using AI to detect AI from @npub1shv4...dw3y
#security, #research
Google Docs
IR/IL Cyber War Public

HTTP/1.1 Must Die
Upstream HTTP/1.1 is inherently insecure, and routinely exposes millions of websites to hostile takeover. Join the mission to kill HTTP/1.1 now
GPT-B-Gone
Shared via Claude, an AI assistant from Anthropic
Fun fact, these days, (GNU) tar can call home if there's a ":" in the filename:
#linux, #redteam

Gist
Remote tar :(
In the last few months I've run into 4 of my old Portcullis team mates in places I didn't expect them. A spate of birthday paradoxes.
#BSD friends, what's KDE support like these days over on *BSD? Toying with building a non-Linux laptop.
Interesting Git repos of the week:
Strategy:
* - modelling your strategy
Detection:
* - threat modelling as code
* - build your own threat hunting platform with Thales
* - Microsoft's TI tooling
Exploitation:
* - what's in the stack?
Hardening:
* - guestshell on the ISR1000
#security, #research, #code
GitHub
GitHub - TalEliyahu/awesome-CISO-maturity-models: Maturity models help integrate traditionally separate organizational functions, set process improvement goals and priorities, provide guidance for quality processes, and provide benchmark for appraising current processes outcomes.
GitHub - yevh/TaaC-AI: AI-driven Threat modeling-as-a-Code (TaaC-AI)
GitHub - thalesgroup-cert/Watcher: Watcher - Open Source AI-powered Cyber Threat Intelligence & Hunting Platform. Developed with Django & React JS.
GitHub - microsoft/msticpy: Microsoft Threat Intelligence Security Tools
GitHub - specfy/stack-analyser: Extract +700 technologies from any repository. Detect Languages, SaaS, Cloud, Infrastructure, Dependencies and Services
GitHub - nistorj/ISR1000: CIsco ISR1000 series stuff
Kinda want a DirBuster style list of headers at this point; so many times we see new CVEs stemming from headers with magical properties.