Redhotcyber<p>🔥 CORSO "ACTIVE DIRECTORY PENETRATION TEST". APERTE LE PRE ISCRIZIONI E AVVIATA LA PROMO🔥</p><p>💥OFFERTA ESCLUSIVA entro il 31 AGOSTO! -15% sul prezzo già scontato del corso (in quanto è la prima live class su questo argomento) a chi effettua la pre-iscrizione entro l 31 di Agosto!</p><p>Informazioni di dettagli del corso: 📩 Per info e iscrizioni scrivi a formazione@redhotcyber.com oppure su WhatsApp al 393791638765 <a href="https://www.redhotcyber.com/servizi/academy/live-class-active-directory-ethical-hacking/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">redhotcyber.com/servizi/academ</span><span class="invisible">y/live-class-active-directory-ethical-hacking/</span></a></p><p>📩 Per info e iscrizioni scrivi a formazione@redhotcyber.com oppure su WhatsApp al 393791638765</p><p>🔥 Diventa un ethical hacker professionista ora! Non perdere tempo!</p><p><a href="https://mastodon.bida.im/tags/redhotcyber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redhotcyber</span></a> <a href="https://mastodon.bida.im/tags/formazione" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>formazione</span></a> <a href="https://mastodon.bida.im/tags/formazioneonline" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>formazioneonline</span></a> <a href="https://mastodon.bida.im/tags/ethicalhacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ethicalhacking</span></a> <a href="https://mastodon.bida.im/tags/hacker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacker</span></a> <a href="https://mastodon.bida.im/tags/activedirectory" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>activedirectory</span></a> <a href="https://mastodon.bida.im/tags/microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>microsoft</span></a> <a href="https://mastodon.bida.im/tags/ethicalhacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ethicalhacking</span></a> <a href="https://mastodon.bida.im/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://mastodon.bida.im/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://mastodon.bida.im/tags/penetrationtesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>penetrationtesting</span></a> <a href="https://mastodon.bida.im/tags/corsoonline" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>corsoonline</span></a> <a href="https://mastodon.bida.im/tags/corsodiformazione" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>corsodiformazione</span></a> <a href="https://mastodon.bida.im/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.bida.im/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a></p>
eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.
Administered by:
Server stats:
209active users
eupolicy.social: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.1
#pentest
2 posts · 2 participants · 0 posts today
Neo-ainmichte<p><span>Hey folks,<br><br>Decided it was time for a fresh alias, so here’s my </span><a href="https://calckey.world/tags/introduction" rel="nofollow noopener" target="_blank">#introduction</a><span>. I’m a creatively driven fellow with a passion for privacy, cybersecurity, Linux, and free and open source software. I enjoy gaming, creative writing, and technology—the latter of which inspired me to pursue cybersecurity and system administration.<br><br>I embarked on this journey around the start of the pandemic, when the sudden surplus of free time gave me the opportunity to try Manjaro, a distribution of Linux based on Arch. With the release of the Steam Deck, I moved over to NixOS, which I’ve been using ever since while studying cybersecurity in higher education.<br><br>The majority of my posts will be set to follower-only, so feel free to throw a follow my way if anything of mine has piqued your curiosity at all.<br><br>Look forward to interacting with you all in the future! ^^<br><br></span><b>Tags:</b> <a href="https://calckey.world/tags/privacy" rel="nofollow noopener" target="_blank">#privacy</a>, <a href="https://calckey.world/tags/cybersecurity" rel="nofollow noopener" target="_blank">#cybersecurity</a>, <a href="https://calckey.world/tags/cybersec" rel="nofollow noopener" target="_blank">#cybersec</a>, <a href="https://calckey.world/tags/hacker" rel="nofollow noopener" target="_blank">#hacker</a>, <a href="https://calckey.world/tags/pentest" rel="nofollow noopener" target="_blank">#pentest</a>, <a href="https://calckey.world/tags/pentester" rel="nofollow noopener" target="_blank">#pentester</a>, <a href="https://calckey.world/tags/infosec" rel="nofollow noopener" target="_blank">#infosec</a>, <a href="https://calckey.world/tags/linux" rel="nofollow noopener" target="_blank">#linux</a>, <a href="https://calckey.world/tags/foss" rel="nofollow noopener" target="_blank">#foss</a>, <a href="https://calckey.world/tags/gaming" rel="nofollow noopener" target="_blank">#gaming</a>, <a href="https://calckey.world/tags/creativewriting" rel="nofollow noopener" target="_blank">#creativewriting</a>, <a href="https://calckey.world/tags/writing" rel="nofollow noopener" target="_blank">#writing</a>, <a href="https://calckey.world/tags/technology" rel="nofollow noopener" target="_blank">#technology</a>, <a href="https://calckey.world/tags/sysadmin" rel="nofollow noopener" target="_blank">#sysadmin</a>, <a href="https://calckey.world/tags/archlinux" rel="nofollow noopener" target="_blank">#archlinux</a>, <a href="https://calckey.world/tags/steamdeck" rel="nofollow noopener" target="_blank">#steamdeck</a>, <a href="https://calckey.world/tags/nix" rel="nofollow noopener" target="_blank">#nix</a>, <a href="https://calckey.world/tags/nixOS" rel="nofollow noopener" target="_blank">#nixOS</a>.</p>
Tanya Janca | SheHacksPurple :verified: :verified:<p>🎥 Missed one of my past conference talks? Let’s fix that.</p><p>I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.</p><p>“DIY Azure Security Assessment" - with Teri Radichel<br>📽️ <a href="https://twp.ai/4iodU5" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">twp.ai/4iodU5</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/SecurityAwareness" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityAwareness</span></a> <a href="https://infosec.exchange/tags/azure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>azure</span></a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a></p>
Bill<p>Here's a new-to-me password spray tool that looks a hell of a lot more functional that Burp Intruder.</p><p><a href="https://github.com/blacklanternsecurity/TREVORspray" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/blacklanternsecurit</span><span class="invisible">y/TREVORspray</span></a></p><p><a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://infosec.exchange/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authorization</span></a></p>
Alex :nonbinary_flag:<p>A friend is looking for an ICS pentesting gig in the UK. He has lots of experience in maritime, power, water, gas OT & SCADA.</p><p>He's also excellent on internal inf / red team especially when there's an OT element to the org and you need a safe pair of hands.</p><p>If you have any leads please message me and I'll hook you up.</p><p><a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://infosec.exchange/tags/FediHire" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FediHire</span></a></p>
Parrot Security<p>ParrotOS 6.4 is out now! 🔔</p><p>This release sets the stage for Parrot 7 with upgraded tools, security fixes, and system improvements 🐦💻</p><p>Upgrade via sudo parrot-upgrade or grab a fresh install from the official site 💡</p><p>Click the link down below and read more on the changelog 🔗</p><p><a href="https://parrotsec.org/blog/2025-07-07-parrot-6.4-release-notes" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">parrotsec.org/blog/2025-07-07-</span><span class="invisible">parrot-6.4-release-notes</span></a></p><p><a href="https://mastodon.social/tags/ParrotSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ParrotSec</span></a> <a href="https://mastodon.social/tags/ParrotOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ParrotOS</span></a> <a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mastodon.social/tags/CybersecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CybersecurityNews</span></a> <a href="https://mastodon.social/tags/Hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hacking</span></a> <a href="https://mastodon.social/tags/PenTest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PenTest</span></a> <a href="https://mastodon.social/tags/Pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentesting</span></a> <a href="https://mastodon.social/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> <a href="https://mastodon.social/tags/linuxdistro" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linuxdistro</span></a></p>
Jack Rendor<p>Hi everyone! I recently released 3 blog posts! <br>All of them are writeups on CTFs where I make some scripts and tools in bash and golang!</p><p>I'll leave you the link of the blog posts and if you have any suggestions or interact with me, don't hesitate to comment or DM me! </p><p>I hope you all can enjoy reading them!</p><p><a href="https://blog.jackrendor.dev/posts/tryhackme-securityfootage/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.jackrendor.dev/posts/tryh</span><span class="invisible">ackme-securityfootage/</span></a></p><p><a href="https://blog.jackrendor.dev/posts/tryhackme-bugged/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.jackrendor.dev/posts/tryh</span><span class="invisible">ackme-bugged/</span></a></p><p><a href="https://blog.jackrendor.dev/posts/tryhackme-eavesdropper/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.jackrendor.dev/posts/tryh</span><span class="invisible">ackme-eavesdropper/</span></a></p><p><a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://infosec.exchange/tags/penetrationtest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>penetrationtest</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/informationsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>informationsecurity</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/bash" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bash</span></a> <a href="https://infosec.exchange/tags/golang" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>golang</span></a></p>
LMG Security<p>Hundreds of Brother printer models are affected by a critical, unpatchable vulnerability (CVE-2024-51978) that allows attackers to generate the default admin password using the device’s serial number—information that’s easily discoverable via other flaws.</p><p>748 total models across Brother, Fujifilm, Ricoh, Toshiba, and Konica Minolta are impacted, with millions of devices at risk globally.</p><p>Attackers can:<br>• Gain unauthenticated admin access<br>• Pivot to full remote code execution<br>• Exfiltrate credentials for LDAP, FTP, and more<br>• Move laterally through your network</p><p>Brother says the vulnerability cannot be fixed in firmware and requires a change in manufacturing. For now, mitigation = change the default admin password immediately.</p><p>Our pentest team regularly highlights printer security as a critical path to system compromise—and today’s news is another example that underscores this risk. This is your reminder: Printers are not “set-and-forget” devices. Treat them like any other endpoint—monitor, patch, and lock them down.</p><p>Need help testing your network for exploitable print devices? Contact us and our pentest team can help!</p><p>Read the Dark Reading article for more details on the Brother Printers vulnerability: <a href="https://www.darkreading.com/endpoint-security/millions-brother-printers-critical-unpatchable-bug" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">darkreading.com/endpoint-secur</span><span class="invisible">ity/millions-brother-printers-critical-unpatchable-bug</span></a></p><p><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/PenetrationTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PenetrationTesting</span></a> <a href="https://infosec.exchange/tags/Pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentest</span></a> <a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentesting</span></a> <a href="https://infosec.exchange/tags/PrinterSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PrinterSecurity</span></a> <a href="https://infosec.exchange/tags/BrotherPrinters" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BrotherPrinters</span></a> <a href="https://infosec.exchange/tags/CVE202451978" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE202451978</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IT</span></a> <a href="https://infosec.exchange/tags/SMB" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SMB</span></a> <a href="https://infosec.exchange/tags/CISO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CISO</span></a> <a href="https://infosec.exchange/tags/Cyberaware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cyberaware</span></a> <a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DFIR</span></a> <a href="https://infosec.exchange/tags/ITSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITSecurity</span></a> <a href="https://infosec.exchange/tags/ZeroTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroTrust</span></a> <a href="https://infosec.exchange/tags/PatchNow" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PatchNow</span></a> <a href="https://infosec.exchange/tags/Pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentest</span></a></p>
Paco Hope #resist<p>If you made some kind of intercepting HTTP/HTTPS proxy (thinking of a <a href="https://infosec.exchange/tags/pentester" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentester</span></a> use case here), you could make it search for these URLs in the streams of HTTP and HTML that are passing through the proxy. Copy down the full URLs and asynchronously issue your own requests for the same URLs and store your own copy of the resulting files. The end user still gets their copy and nobody can tell it's happening. You'd almost certainly be able to do this because the links would surely be valid at the time the proxy sees them, and would work if the proxy immediately issued its request for its own copy.</p><p>The only way to really detect this happening is for the bucket owner to look at the S3 object logs in CloudTrail and see more than 1 fetch of that URL. Of course, someone with network connectivity issues could issue the request more than once. But a systematic pattern of duplicate fetches would indicate hijinks. The end user can't detect <em>this</em> happening to them. But, of course, you're MitM'ing their internet connection, so <strong>that</strong> could be detected.</p><p><a href="https://infosec.exchange/tags/AWS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AWS</span></a> <a href="https://infosec.exchange/tags/S3" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>S3</span></a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <br>4/end</p>
Paco Hope #resist<p>If you know how these things work, I haven't told you anything new or useful yet. Maybe I won't. But the thing I think is important and frequently overlooked is that expiration time. Too short (5 seconds) and your user might not click the link before it expires. Too long (86400 seconds, i.e., one day) and this file is available far longer than you intended.</p><p>So looking at the <code>X-Amz-Expires</code> header in <a href="https://infosec.exchange/tags/AWS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AWS</span></a> <a href="https://infosec.exchange/tags/S3" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>S3</span></a> is a good <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> thing, especially if you're doing a <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> . Those URLs can be passed from device to device (e.g., you can Slack it to a colleague or SMS it to a friend and it will work). So you want to counsel anyone who uses them to try hard to tune the expiration as short as is reasonably practical. That expiration is all of the security control on that link.</p><p>[edit: I left out something important]<br>I see these URLs with <code>86400</code> as the expiration time <strong>a lot and often</strong>. If you're a developer, look at what you're setting them to. If you're a <a href="https://infosec.exchange/tags/pentester" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentester</span></a>, this is a thing to warn your customer about.</p><p>3/</p>
Hack In Days of Futur Past<p>You had a good run, pentesters... <br>So apparently, <span class="h-card" translate="no"><a href="https://infosec.exchange/@xbow" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>xbow</span></a></span> — an AI — claims it topped <span class="h-card" translate="no"><a href="https://mastodon.social/@hackerone" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>hackerone</span></a></span> No burnout. No caffeine. No Twitter rants about payload encoding. Just pure, scalable exploitation.<br>It doesn’t even need a hoodie.<br>While you’re debugging payloads in staging, it’s farming triage points in prod like it’s Doom on God Mode.<br>Even if it's only half true… what are you doing with your career?<br>Maybe it's time to pivot. Maybe start offering “human context review” as a service?<br>We used to joke about Clippy becoming self-aware. Now Clippy does lateral movement and submits reports while you sleep.<br><a href="https://piaille.fr/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://piaille.fr/tags/bugbounty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bugbounty</span></a> <a href="https://piaille.fr/tags/AIsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AIsec</span></a> <a href="https://piaille.fr/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://xbow.com/blog/top-1-how-xbow-did-it/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">xbow.com/blog/top-1-how-xbow-d</span><span class="invisible">id-it/</span></a></p>
makemakehow is there not a <a class="hashtag" href="https://pleroma.makemake.site/tag/rust" rel="nofollow noopener" target="_blank">#rust</a> library for defining a how a <a class="hashtag" href="https://pleroma.makemake.site/tag/json" rel="nofollow noopener" target="_blank">#json</a> object should look like and rejecting anything that doesnt match it exactly?<br><br><a class="hashtag" href="https://pleroma.makemake.site/tag/programming" rel="nofollow noopener" target="_blank">#programming</a> <a class="hashtag" href="https://pleroma.makemake.site/tag/infosec" rel="nofollow noopener" target="_blank">#infosec</a> <a class="hashtag" href="https://pleroma.makemake.site/tag/pentest" rel="nofollow noopener" target="_blank">#pentest</a>
r1cksec<p>A post that demonstrates how attackers can craft malware that bypass MS SmartScreen and Defender by exploiting whitelisting mechanisms🕵️♂️ </p><p><a href="https://versprite.com/vs-labs/slipping-malware-through-microsoft-security-checks" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">versprite.com/vs-labs/slipping</span><span class="invisible">-malware-through-microsoft-security-checks</span></a></p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a></p>
Yogthos<p>LLM as Hackers: Autonomous Linux Privilege Escalation Attacks with AI Agents.</p><p><a href="https://arxiv.org/pdf/2310.11409v4" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">arxiv.org/pdf/2310.11409v4</span><span class="invisible"></span></a></p><p><a href="https://social.marxist.network/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://social.marxist.network/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://social.marxist.network/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://social.marxist.network/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://social.marxist.network/tags/LLM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LLM</span></a></p>
Chema Alonso :verified:<p>El lado del mal - LLM as Hackers: Autonomus Linux Privilege Escalation Attacks con Agentes AI <a href="https://www.elladodelmal.com/2025/06/llm-as-hackers-autonomus-linux.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">elladodelmal.com/2025/06/llm-a</span><span class="invisible">s-hackers-autonomus-linux.html</span></a> <a href="https://ioc.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentesting</span></a> <a href="https://ioc.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://ioc.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://ioc.exchange/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://ioc.exchange/tags/EoP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EoP</span></a> <a href="https://ioc.exchange/tags/AgenticAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AgenticAI</span></a> <a href="https://ioc.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://ioc.exchange/tags/IA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IA</span></a> <a href="https://ioc.exchange/tags/InteligenciaArtificial" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InteligenciaArtificial</span></a> <a href="https://ioc.exchange/tags/ArtificialIntelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ArtificialIntelligence</span></a></p>
Chema Alonso :verified:<p>El lado del mal - WhiteRabbitNeo un LLM (y un "ChatGPT") para el Red Team <a href="https://www.elladodelmal.com/2025/06/whiterabbitneo-un-llm-y-un-chatgpt-para.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">elladodelmal.com/2025/06/white</span><span class="invisible">rabbitneo-un-llm-y-un-chatgpt-para.html</span></a> <a href="https://ioc.exchange/tags/IA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IA</span></a> <a href="https://ioc.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://ioc.exchange/tags/RedTeam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RedTeam</span></a> <a href="https://ioc.exchange/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DevSecOps</span></a> <a href="https://ioc.exchange/tags/SecOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecOps</span></a> <a href="https://ioc.exchange/tags/Pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentest</span></a> <a href="https://ioc.exchange/tags/Hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hacking</span></a> <a href="https://ioc.exchange/tags/InteligenciaArtificial" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InteligenciaArtificial</span></a> <a href="https://ioc.exchange/tags/LLM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LLM</span></a></p>
Clément Labro<p>🆕 New blog post!</p><p>"Checking for Symantec Account Connectivity Credentials (ACCs) with PrivescCheck"</p><p>This blog post is not so much about PrivescCheck in the end, but rather brings additional insight to the original article published by MDSec on the subject.</p><p>👉 <a href="https://itm4n.github.io/checking-symantec-account-credentials-privesccheck/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">itm4n.github.io/checking-syman</span><span class="invisible">tec-account-credentials-privesccheck/</span></a></p><p><a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/research" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>research</span></a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentesting</span></a></p>
RedTeam Pentesting<p>🎉 It is finally time for a new blog post!</p><p>Join us on our deep dive into Windows Authentication Coercion and its current state in 2025, including some brand-new tooling ✨ <a href="https://mastodon.social/tags/itsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>itsec</span></a> <a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.social/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://mastodon.social/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a></p><p><a href="https://blog.redteam-pentesting.de/2025/windows-coercion" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.redteam-pentesting.de/202</span><span class="invisible">5/windows-coercion</span></a></p>
Ciarán McNally<p>How do people feel about reissuing a pentest report with all your good findings removed (post retest/remediation)? </p><p>I hate the idea my reports could be shown to third parties, minus all the good critical/high findings. <br><a href="https://mastodon.ie/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://mastodon.ie/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a></p>
Clément Labro<p>🆕 New blog post! It's a rather short one, nothing crazy. Just wanted to share a random finding I made recently. 🤷♂️</p><p>'Hijacking the Windows "MareBackup" Scheduled Task for Privilege Escalation'</p><p>👉 <a href="https://blog.scrt.ch/2025/05/20/hijacking-the-windows-marebackup-scheduled-task-for-privilege-escalation/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.scrt.ch/2025/05/20/hijack</span><span class="invisible">ing-the-windows-marebackup-scheduled-task-for-privilege-escalation/</span></a></p><p><a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentest</span></a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentesting</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>windows</span></a> <a href="https://infosec.exchange/tags/privilegeescalation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privilegeescalation</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload