r1cksec<p>This blog explores another Chromium command line flag that can be used to spy on a user by continuously taking pictures through their camera and recording their microphone audio🕵️♂️</p><p><a href="https://mrd0x.com/spying-with-chromium-browsers-camera" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mrd0x.com/spying-with-chromium</span><span class="invisible">-browsers-camera</span></a></p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/chromium" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>chromium</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
techhub.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A hub primarily for passionate technologists, but everyone is welcome
Administered by:
Server stats:
4.8Kactive users
techhub.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.8
#redteam
14 posts · 14 participants · 0 posts today
C.<p><span class="h-card" translate="no"><a href="https://brettiverse.com/users/brett" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>brett</span></a></span> </p><p>But none of that, of course, is "illegal" in and of itself. They've got no business clutching their pearls over perfectly commonplace tools which happen to have illegitimate uses in addition to legitimate ones.</p><p>So every corporate red team is now going to find Microsoft has been dropping their backups silently? That's gonna go over well 😆 </p><p><a href="https://mindly.social/tags/RedTeam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RedTeam</span></a> <a href="https://mindly.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://mindly.social/tags/WeveHeardOfIt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WeveHeardOfIt</span></a> <a href="https://mindly.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Microsoft</span></a></p>
Lenin alevski 🕵️💻<p>New Open-Source Tool Spotlight 🚨🚨🚨</p><p>Pocket ID is an OIDC provider simplifying authentication with passkeys. No passwords. Think secure logins using Yubikeys or biometrics. Lightweight compared to Keycloak or Hydra and ideal for focused use cases. Built for Docker setups. <a href="https://infosec.exchange/tags/Passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkeys</span></a> <a href="https://infosec.exchange/tags/OIDC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OIDC</span></a></p><p>🔗 Project link on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitHub</span></a> 👉 <a href="https://github.com/pocket-id/pocket-id" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/pocket-id/pocket-id</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Software</span></a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Technology</span></a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>News</span></a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CTF</span></a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecuritycareer</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>purpleteam</span></a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tips</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cloudsecurity</span></a></p><p>— ✨<br>🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴☠️</p>
r1cksec<p>This blog explores a Chromium command line flag and how it can be used to spy on a user by continuously taking screenshots of their screen🕵️♂️ </p><p><a href="https://mrd0x.com/spying-with-chromium-browsers-screensharing" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mrd0x.com/spying-with-chromium</span><span class="invisible">-browsers-screensharing</span></a></p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentest</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/chromium" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>chromium</span></a></p>
Lenin alevski 🕵️💻<p>New Open-Source Tool Spotlight 🚨🚨🚨</p><p>tfmcp simplifies Terraform management by letting AI assistants like Claude Desktop handle config, plans, and state via the Model Context Protocol (MCP). Built with Rust, it offers robust security, Docker support, and detailed analysis. ⚙️ <a href="https://infosec.exchange/tags/Terraform" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Terraform</span></a> <a href="https://infosec.exchange/tags/DevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DevOps</span></a></p><p>🔗 Project link on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitHub</span></a> 👉 <a href="https://github.com/nwiizo/tfmcp" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/nwiizo/tfmcp</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Software</span></a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Technology</span></a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>News</span></a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CTF</span></a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecuritycareer</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>purpleteam</span></a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tips</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cloudsecurity</span></a></p><p>— ✨<br>🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴☠️</p>
Lenin alevski 🕵️💻<p>New Open-Source Tool Spotlight 🚨🚨🚨</p><p>Groundhog by @ghuntley explains AI coding agents like Cursor from first principles. Built in Rust, it teaches the inner workings of coding assistants—perfect for learning or building your own. <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AI</span></a> <a href="https://infosec.exchange/tags/RustLang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RustLang</span></a></p><p>🔗 Project link on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitHub</span></a> 👉 <a href="https://github.com/ghuntley/groundhog" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/ghuntley/groundhog</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Software</span></a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Technology</span></a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>News</span></a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CTF</span></a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecuritycareer</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>purpleteam</span></a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tips</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cloudsecurity</span></a></p><p>— ✨<br>🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴☠️</p>
RedTeam Pentesting<p>🎉 It is finally time for a new blog post!</p><p>Join us on our deep dive into Windows Authentication Coercion and its current state in 2025, including some brand-new tooling ✨ <a href="https://mastodon.social/tags/itsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>itsec</span></a> <a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.social/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentest</span></a> <a href="https://mastodon.social/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a></p><p><a href="https://blog.redteam-pentesting.de/2025/windows-coercion" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.redteam-pentesting.de/202</span><span class="invisible">5/windows-coercion</span></a></p>
Tim (Wadhwa-)Brown :donor:<p>Technically, it's not a vuln because if you enable SSH via the supported route then you only get a root shell and there's no way to create low priv'd SSH users, but since there's no ability to persistently fix that issue, I ended up abusing IPC to write to the persistent storage a scheduled job which will give me a low priv'd SSH user 🤡.</p><p><a href="https://gist.github.com/timb-machine/a3b2d27adcbbed34455e78f845198392" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gist.github.com/timb-machine/a</span><span class="invisible">3b2d27adcbbed34455e78f845198392</span></a></p><p>It just so happens that /if/ you did have a low priv'd SSH user, then the IPC would enable you to get root.</p><p><a href="https://infosec.exchange/tags/westerndigital" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>westerndigital</span></a>, <a href="https://infosec.exchange/tags/mycloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mycloud</span></a>, <a href="https://infosec.exchange/tags/y0day" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>y0day</span></a>, <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a>, <a href="https://infosec.exchange/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linux</span></a></p>
Lenin alevski 🕵️💻<p>New Open-Source Tool Spotlight 🚨🚨🚨</p><p>Cortex by TheHive Project is a powerful open-source engine for observable analysis and active response. Supporting integration with MISP & TheHive, it offers 39+ analyzers to streamline DFIR tasks. Built using Scala, AngularJS, and Python for scalability. <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DFIR</span></a></p><p>🔗 Project link on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitHub</span></a> 👉 <a href="https://github.com/TheHive-Project/Cortex" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/TheHive-Project/Cor</span><span class="invisible">tex</span></a></p><p><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Software</span></a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Technology</span></a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>News</span></a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CTF</span></a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecuritycareer</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>purpleteam</span></a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tips</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cloudsecurity</span></a></p><p>— ✨<br>🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴☠️</p>
BC Security<p>Void Blizzard, a Russia-affiliated threat actor, shows that using simple techniques like password spraying doesn’t mean the group lacks sophistication. Their real strength lies in tailoring access and operations to each target, scaling complexity only as needed. This strategic adaptability, combining low-level entry with high-level post-compromise actions, demonstrates advanced operational maturity. What do you think advanced actually means?<br><a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a><br><a href="https://www.microsoft.com/en-us/security/blog/2025/05/27/new-russia-affiliated-actor-void-blizzard-targets-critical-sectors-for-espionage/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">microsoft.com/en-us/security/b</span><span class="invisible">log/2025/05/27/new-russia-affiliated-actor-void-blizzard-targets-critical-sectors-for-espionage/</span></a></p>
BSidesLuxembourg<p>We're very happy and excited to announce that we've closed the extra last-minute CFP for the <a href="https://infosec.exchange/tags/OffensiveOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OffensiveOps</span></a> Offensive Security Village, which Bourbon Offensive Security Services has sponsored and turned into reality! The village is accompanied by a <a href="https://infosec.exchange/tags/Lockpicking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Lockpicking</span></a> village - see more details below.</p><p>This TAKES PLACE on June 18th from 14.00-18.00 on top of the June 19th full day agenda!!</p><p>Talks:<br>1 - Browser Exploitation: From N-Days to Real-World Exploit Chains in Google Chrome - by Arnaud Perrot (aka "petitoto")</p><p>2 - Hacking EV Chargers: Fast Track to Market, Fast Track to Vulnerabilities - by Simon Petitjean</p><p>3 - Targeting pentesters - by Charlie Bromberg (aka "Shutdown") & Mathieu Calemard du Gardin </p><p>4 - Unpacking Azure Initial Access Attack Techniques - by François-Jérôme Daniel & Patrick Mkhael<br> <br>🔓 In parallel we host the “Physical Intrusion & hashtag<br>hashtag#Lockpicking Village” in the Atrium to permits to practice, learn and more ! by 🃏 Nicolas Aunay (Joker2a)) and Nicolas B.!! </p><p>💥 The village will be live during both days of the event 💥 </p><p>👉 Get your ticket here: <a href="https://lnkd.in/edXc3ytn" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">lnkd.in/edXc3ytn</span><span class="invisible"></span></a></p><p>If you’re into <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a>, <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a>, <a href="https://infosec.exchange/tags/adversaryemulation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>adversaryemulation</span></a>, <a href="https://infosec.exchange/tags/physicalintrusion" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>physicalintrusion</span></a> or you're a student, passionate, or just curious to explore why offense is mandatory for defense — you’ll feel right at home.</p><p>Let’s build something meaningful for the offensive security community in Luxembourg.</p><p><a href="https://infosec.exchange/tags/BSidesLuxembourg2025" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BSidesLuxembourg2025</span></a><br><a href="https://infosec.exchange/tags/OffensiveOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OffensiveOps</span></a> <br> <a href="https://infosec.exchange/tags/OffSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OffSec</span></a> <br><a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a><br><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <br><a href="https://infosec.exchange/tags/communitydriven" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>communitydriven</span></a></p>
leHACK<p>🇬🇧✨ Could your browser’s cache be used to smuggle malware?<br>Join Aurélien Chalot at hashtag#leHACK 2025 to uncover how cache smuggling bypasses traditional defenses for silent payload delivery and network recon. Learn how to protect your organization!<br>🗓️ 27 June<br>🕐 2:00pm<br>🔗 <a href="https://lehack.org/2025/tracks/conferences" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">lehack.org/2025/tracks/confere</span><span class="invisible">nces</span></a><br>🎟️ Late bird : <a href="https://billetweb.fr/lehack-2025-the-singularity" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">billetweb.fr/lehack-2025-the-s</span><span class="invisible">ingularity</span></a> <br>Don’t miss it!<br><a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/leHACK" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>leHACK</span></a></p><p>------------</p><p>🇫🇷✨ Et si le cache de votre navigateur permettait de diffuser des malwares ?<br>Aurélien Chalot présente le cache smuggling lors du hashtag#leHACK 2025 : techniques d’attaque, reconnaissance furtive et conseils pour s’en prémunir !<br>🗓️ 27 Juin<br>🕐 14h00<br>🔗 <a href="https://lehack.org/2025/tracks/conferences" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">lehack.org/2025/tracks/confere</span><span class="invisible">nces</span></a><br>🎟️ Dernières places : <a href="https://billetweb.fr/lehack-2025-the-singularity" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">billetweb.fr/lehack-2025-the-s</span><span class="invisible">ingularity</span></a> <br>À ne pas manquer !<br><a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/cybers%C3%A9curit%C3%A9" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersécurité</span></a> <a href="https://infosec.exchange/tags/leHACK" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>leHACK</span></a></p>
Lenin alevski 🕵️💻<p>New Open-Source Tool Spotlight 🚨🚨🚨</p><p>Sops encrypts secrets in YAML, JSON, ENV, or INI formats, ensuring encrypted leaf values while preserving file structure. Supported integrations include AWS KMS, GCP KMS, Azure Key Vault, age, and PGP. Edit files seamlessly, with automated encryption/decryption during save. <a href="https://infosec.exchange/tags/encryption" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>encryption</span></a> <a href="https://infosec.exchange/tags/devops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>devops</span></a></p><p>🔗 Project link on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitHub</span></a> 👉 <a href="https://github.com/getsops/sops" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/getsops/sops</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Software</span></a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Technology</span></a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>News</span></a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CTF</span></a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecuritycareer</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>purpleteam</span></a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tips</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cloudsecurity</span></a></p><p>— ✨<br>🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴☠️</p>
BC Security<p>Heading to <span class="h-card" translate="no"><a href="https://bird.makeup/users/blackhatevents" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>blackhatevents</span></a></span> and haven't found a course? Advanced Threat Emulation: Active Directory will take students through hands-on exercises attacking a real-world emulated network. Don't miss out! <a href="https://infosec.exchange/tags/BHUSA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BHUSA</span></a> <a href="https://infosec.exchange/tags/RedTeam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RedTeam</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a><br>Aug 2-3: <a href="https://www.blackhat.com/us-25/training/schedule/#advanced-threat-emulation-active-directory-43759" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">blackhat.com/us-25/training/sc</span><span class="invisible">hedule/#advanced-threat-emulation-active-directory-43759</span></a><br>Aug 4-5: <a href="https://www.blackhat.com/us-25/training/schedule/#advanced-threat-emulation-active-directory-437591736893489" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">blackhat.com/us-25/training/sc</span><span class="invisible">hedule/#advanced-threat-emulation-active-directory-437591736893489</span></a></p>
Tim (Wadhwa-)Brown :donor:<p>Woop. <span class="h-card" translate="no"><a href="https://infosec.exchange/@mitreattack" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>mitreattack</span></a></span> Community slides are up here:</p><p><a href="https://web.tresorit.com/l/tz3En#5ePZHUjQNg6GFFHZNVEhSA" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">web.tresorit.com/l/tz3En#5ePZH</span><span class="invisible">UjQNg6GFFHZNVEhSA</span></a></p><p><a href="https://infosec.exchange/tags/att" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>att</span></a>&ck, <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a>, <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a>, <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>purpleteam</span></a>, <a href="https://infosec.exchange/tags/dataanalytics" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dataanalytics</span></a>, <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a>, <a href="https://infosec.exchange/tags/research" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>research</span></a></p>
Tim (Wadhwa-)Brown :donor:<p>I posted about a blog post I'd seen on SSH authorized keys command earlier in the week, but the more I think about it, the more I think it'd make a great persistence mechanism.</p><p>On a given day, it picks a place to fetch a key from based on a DGA or similar. If the host responds with a public key, the attacker can log in with the corresponding private key and if not it silently fails. Or, you could just use the same approach to run a specific command to for example reset the root password.</p><p>Something to watch out for in the future.</p><p><a href="https://infosec.exchange/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linux</span></a>, <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a></p>
Max Renke<p>Day 1 of posting to social media until I get an offensive security research job</p><p>First, I’m going to start with what I know – Windows. I need to recreate what I had access to at Microsoft, so that starts by setting up a dev environment and finding a copy of Windows System Internals, perhaps the greatest resource for learning Windows out there. My expertise is in Windows and virtualization, so I’m going to make sure I master those areas.</p><p>Next, I don’t think I want to grind coding exercises, but I do need to shake the rust off my coding skills. I think I’m going to start with some HackTheBox challenges and find some CTFs to participate in.<br> <br>Finally, my long overdue goal: learn Rust. I’m not sure if this will help immediately, as I could choose to improve my knowledge of Python. But Rust was getting more and more popular in the areas of Windows I was tasked with protecting, so I need to learn what all the fuss is about with regards to memory safety.<br> <br>If anyone is on a similar journey, let’s hold each other accountable in the comments! I will be sure to document any write-ups at blog.maxrenke.com (work in progress).</p><p><a href="https://infosec.exchange/tags/OffensiveSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OffensiveSecurity</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/WindowsInternals" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WindowsInternals</span></a> <a href="https://infosec.exchange/tags/HackTheBox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HackTheBox</span></a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CTF</span></a> <a href="https://infosec.exchange/tags/EthicalHacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EthicalHacking</span></a> <a href="https://infosec.exchange/tags/RedTeam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RedTeam</span></a> <a href="https://infosec.exchange/tags/BlueTeam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BlueTeam</span></a> <a href="https://infosec.exchange/tags/RustLang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RustLang</span></a> <a href="https://infosec.exchange/tags/PythonProgramming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PythonProgramming</span></a> <a href="https://infosec.exchange/tags/DevEnvironment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DevEnvironment</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/CyberCareer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberCareer</span></a> <a href="https://infosec.exchange/tags/SecurityResearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SecurityResearch</span></a> <a href="https://infosec.exchange/tags/MemorySafety" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MemorySafety</span></a> <a href="https://infosec.exchange/tags/CyberCommunity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberCommunity</span></a> <a href="https://infosec.exchange/tags/JobSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>JobSearch</span></a> <a href="https://infosec.exchange/tags/TechJourney" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechJourney</span></a> <a href="https://infosec.exchange/tags/SecurityEngineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SecurityEngineering</span></a> <a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Pentesting</span></a> <a href="https://infosec.exchange/tags/LearningEveryDay" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LearningEveryDay</span></a></p>
Lenin alevski 🕵️💻<p>New Open-Source Tool Spotlight 🚨🚨🚨</p><p>Nuclei Templates by ProjectDiscovery: a repository of community-curated YAML templates enabling the Nuclei engine to identify application vulnerabilities. It’s modular, covers CVEs, misconfigurations, and more. <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a></p><p>🔗 Project link on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitHub</span></a> 👉 <a href="https://github.com/projectdiscovery/nuclei-templates" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/projectdiscovery/nu</span><span class="invisible">clei-templates</span></a></p><p><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Software</span></a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Technology</span></a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>News</span></a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CTF</span></a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecuritycareer</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>purpleteam</span></a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tips</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cloudsecurity</span></a></p><p>— ✨<br>🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴☠️</p>
r1cksec<p>Test bench lab for Shellcode Obfuscation🕵️♂️</p><p><a href="https://github.com/dobin/ShellcodeObfuscationLab" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/dobin/ShellcodeObfu</span><span class="invisible">scationLab</span></a></p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> <a href="https://infosec.exchange/tags/shellcode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>shellcode</span></a></p>
Lenin alevski 🕵️💻<p>New Open-Source Tool Spotlight 🚨🚨🚨</p><p>Google's MCP Security repo integrates various security solutions like Chronicle, GTI, SOAR, & SCC via Model Context Protocol servers. Flexible deployment options make it easy to adapt to diverse environments. Documentation is thorough—local Sphinx builds supported. <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/DevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DevOps</span></a></p><p>🔗 Project link on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitHub</span></a> 👉 <a href="https://github.com/google/mcp-security" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/google/mcp-security</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Software</span></a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Technology</span></a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>News</span></a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CTF</span></a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecuritycareer</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>purpleteam</span></a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tips</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cloudsecurity</span></a></p><p>— ✨<br>🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴☠️</p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload