Red team + metal
#metal #metalmerch #callofduty #redteam #codredteam

A black background with four red corners, rendered in 3D. ASCII text reads "Intro To Red Teaming", underneath which further text reads "Wednesday, 1st April at 14:00; C27, Merchiston". The ENUSEC logo is at the very bottom.

We're in for a fantastic session this week. Red-teamer and adversarial architect Andy Gill is coming in to deliver a talk on red teaming: by far the most fun type of ethical hacking.

Come along to C27 this Wednesday for an unmissable session!

#RedTeam #InfoSec Edinburgh Napier University

March 24, 2026, the #LiteLLM #Python package was compromised, one uses a .pth file in site-packages to execute malicious code on every Python startup. The mechanism behind this? Python's site module.

#Redteam #Hak5 #CyberNews #BlueTeam #OpSec #WebDev #CyberSecurity
youtu.be/XylwUXpxAcY?...

#NoCode #RedTeam

She too cute ya know
the psyop makes you blue,
your blue makes you unglued.
Hollow code so a S3 bucket load,
She sews the seeds you can't unload.
Your slop code can't stop the Psyop,
oh oh, oh no. uh oh, you're blown.

#RedTeam #Cyber #UwU_Underground
bsky.app/profile/thin...

Click that link
a password fake.
lick that bait boy,
n' she bash that cake,
your last mistake.

#ScatteredSpider strikes tonight

#Cyber done right, #UwU_UNderground
Bahahaha, you don't don't get who they are,
the brazen babes of #malware.
#RedTeam #CyberSecurity
music.youtube.com/watch?v=lBAU...

Drop that slop,
gotta get that repo code got hurt
ctrl c ctrl p, encrypt that S3
Vibe that code shitty
Slop that work in a hurry
shes the CVE AI slop worry

#UwW_Underground pounds the clowns vibe down.
#RedTeam #Cyber #AI #Malware
music.youtube.com/watch?v=S0Ad...

Breaking into offensive security - Negative PID Offensive security roles attract people who enjoy thinking creatively, solving puzzles, and understanding systems from the inside out. Whether you want to

Breaking into offensive security

negativepid.blog/bre...

#OffSec #offensiveSecurity #ethicalHacking #redTeam #Cybersecurity #cyberattacks #cyberThreats #onlineSecurity #negativepid

GitHub - nikaiw/VMkatz: Extract Windows credentials directly from VM memory snapshots and virtual disks Extract Windows credentials directly from VM memory snapshots and virtual disks - nikaiw/VMkatz

Extract Windows credentials directly from VM memory snapshots and virtual disks

github.com/nikaiw/VMkatz

#infosec #cybersecurity #redteam #pentest #windows #opensource

Default TLS Exclusions for Palo Alto Networks Firewalls Default TLS Exclusions for Palo Alto Networks Firewalls - panw-exclusions.json

Default TLS Exclusions for Palo Alto Networks Firewalls

gist.github.com/UNC1739/cc17...

#infosec #cybersecurity #redteam #pentest

Breaking into offensive security - Negative PID Offensive security roles attract people who enjoy thinking creatively, solving puzzles, and understanding systems from the inside out. Whether you want to

Breaking into offensive security

negativepid.blog/bre...

#OffSec #offensiveSecurity #ethicalHacking #redTeam #Cybersecurity #cyberattacks #cyberThreats #onlineSecurity #negativepid

GitHub - atredispartners/llmchainhunter: Leveraging LLM to generate Java deserialization chains Leveraging LLM to generate Java deserialization chains - atredispartners/llmchainhunter

This repo contains the design plan and runbook for using Claude Code to search for Java Deserialization Gadget chains.

github.com/atredispartn...

#infosec #cybersecurity #redteam #pentest #ai #llm #opensource

🎤 Main Stage Alert

Please welcome David Viola to #BSidesBirmingham 🙌

“Sim-Adversary”

A game engine-led red team scenario with real-world pressure, detections and audience participation.

#BSides #Infosec #RedTeam

🔴 Mar 25's Top Cyber News NOW! - Ep 1096 YouTube video by Simply Cyber - Gerald Auger, PhD

For speedrunning #CyberNews, #SimplyCyber - Gerald Auger, PhD, is a popular and well studied #CyberSecurity expert. He goes off the cuff and talks #Cyber threats on a #live broadcast.
#OpSec #Security #CVE #RedTeam #BlueTeam #CyberThreats

www.youtube.com/live/ZY2eNa1...

Training an AI agent to attack LLM applications like a real adversary - Help Net Security Novee launches an AI pentesting agent that tests LLM apps continuously against prompt injection and other AI-specific attack techniques.

Training an AI agent to attack LLM applications like a real adversary

📖 Read more: www.helpnetsecurity.com/2026/03/25/n...

#cybersecurity #cybersecuritynews #agenticAI #penetrationtesting #redteam #Novee

GitHub - zux0x3a/Phantom: Phantom is project created to perform loading and executing .NET assemblies directly in memory within an IIS environment running in full‑trust mode. Instead of relying on fi... Phantom is project created to perform loading and executing .NET assemblies directly in memory within an IIS environment running in full‑trust mode. Instead of relying on file‑based approach, it u...

A project that loads .NET assemblies into memory within an IIS environment running in full‑trust mode. It uses reflective loading techniques to inject inside the memory space of the w3wp.exe worker pool process

github.com/zux0x3a/Phan...

#infosec #cybersecurity #redteam #pentest #windows

MacOS Redteam 3: Initial Access with DarwinOps PKG State of the art:

A post that describe how PKG files can be used to gain initial access on macOS

blog.balliskit.com/macos-redtea...

#infosec #cybersecurity #redteam #pentest #macos #phishing

Bypassing Microsoft KB5014754 and KDC_ERR_PADATA_TYPE_NOSUPP in Certipy About two weeks ago I completed an internal pentest structured as a purple team exercise. I conducted the attacks while the client’s SOC monitored for visibility gaps in real time. The environment was...

Join @vict0ni.bsky.social as he exploits ADCS, using Certipy to bypass KB5014754

0x00sec.org/bypassing-mi...

#hacker #infosec #redteam #offsec #cyber

GitHub - memN0ps/armory-rs: Rusty Armory - Beacon Object Files (BOFs) in Rust (Codename: Armory) Rusty Armory - Beacon Object Files (BOFs) in Rust (Codename: Armory) - memN0ps/armory-rs

Rusty Armory - Beacon Object Files (BOFs) in Rust (Codename: Armory)

github.com/memN0ps/armo...

#infosec #cybersecurity #redteam #pentest #rust

I of course have found a way around their goofy IP ban, even though it is Cloudfare based. (Think about that for a moment, and it is not a silly 2008 VPN back to them.) I will be reporting back from time to time on what is going on. Most of which not.
#RedTeam #Cyber #OpSec #PenTest #CyberSecurity

Cheesing Microsoft Attack Surface Reduction rules While working on varying engagements i have been messing with Microsoft Attack Surface Reduction (ASR) quite a bit, since clients often use it to make the life of adversaries(and red teamers) just a t...

It is possible as a low privileged user to parse the Windows event logs for any ASR exclusion

primusinterp.com/posts/Window...

#infosec #cybersecurity #redteam #pentest

GitHub - n00py/Outpacket: This cheatsheet maps common impacket workflows to their modern alternatives This cheatsheet maps common impacket workflows to their modern alternatives - n00py/Outpacket

This cheatsheet maps common impacket workflows to their modern alternatives

github.com/n00py/Outpac...

#infosec #cybersecurity #redteam #pentest

Impacket for Pentester: MSSQL Exploitation This walkthrough demonstrates how common Microsoft SQL Server misconfigurations can be chained to achieve full OS-level compromise during penetration tests and red team engagements. Using Impacket's mssqlclient.py, an attacker can authenticate, enumerate databases and logins, escalate to SA via IMPERSONATE or linked servers, enable xp_cmdshell, execute OS commands, and upload files — defenders must harden MSSQL instances to prevent these vectors. #MicrosoftSQLServer #mssqlclient

Misconfigured Microsoft SQL Servers allow attackers to escalate privileges, enable xp_cmdshell, execute OS commands, and upload files using Impacket’s mssqlclient.py during pentests and red team operations. #MSSQLExploitation #RedTeam

Most #CTI programs describe the threat. Few can prove their defenses hold against it.

Nigel Boston wrote the CTI Fusion Playbook for doing exposure validation across #ThreatHunting, #Detection, #RedTeam, and #SOC, with a scoring model and templates included.

feedly.com/ti-essential...

Thanks for hosting another amazing event, Microsoft!

More info on Microsoft's Zero Day Quest can be found here:
www.microsoft.com/en-us/msrc/z...

#locksport #impressioninglocks #keyimpressioning #cybersecurity #hacking #hacker #redteam

susp #redteam OSCE_Election_Security_Checklist_v2.pdf.exe
600710c6ad0e4260a3879d36c5455e71
66.234.147.10

Break into the cloud like a pro ☁️💥 Master Azure from an attacker’s mindset with newly launched AzRTS — now just $49.

🚀 Enroll now: cyberwarfare.live/product/azur...

#Azure #CyberSecurity #RedTeam #CloudSecurity #AzRTS #CyberWarfare #TechSkills #LearnToHack #CWL

AppDomain Injection -Backdooring .NET Framework Applications AppDomain Injection is a technique that allows you to execute arbitrary code within .NET Framework applications by hijacking the AppDomain…

BallisKit ShellcodePack 2.8.1 is out! Focus: AppDomain injection & DLL sideloading, plus updated EDR evasion profiles. Learn how to backdoor .NET apps with our tutorial: blog.balliskit.com/appdomain-in...
#redteam

Minino supports multi-band, multi-protocol sniffing and wireless protocol manipulation ⚡ Powered by ESP32C6 with OLED and GPS, it’s a pocket-sized wardrive / recon / havoc tool for redteam tasks 📡 l.lab401.com/mEslI
#Minino #RedTeam #Wireless #Lab401

GitHub - Artais-Security/claude-skills-security-code-review: A Claude Skill with an OffSec code review slant A Claude Skill with an OffSec code review slant. Contribute to Artais-Security/claude-skills-security-code-review development by creating an account on GitHub.

Just shipped: a Claude Code skill for security review with an offsec slant. Two passes. Defensive checklist plus attacker perspective. Language-agnostic, stack-specific files for Python, Go, Next.js and more. github.com/Artais-Secur... #AppSec #RedTeam #OffSec