We have a poll going about when the next competitive event should be. We currently have it pinned for October but based on community feedback, that is likely to change!

If you want to voice your thoughts, consider dropping by and casting your vote. This could affect the competitive schedule in perpetuity, so be sure to drop by if you want a say! Poll is open for ~13 days.

https://discord.com/invite/eABKrn2d6q

Congratulations to our winners of the June 2025 Casual Jabbercracky!

1st place: Stealthsploit wielding a Bone-Chilling Chainsaw of Unhashed Passwords
2nd place: A8B394321E77E0F7 wielding a 20733 Year Old Curved Saber of Eternal Night
3rd place: AlMcWhiggin wielding a As Seen On TV Rubber Chicken

Thank you much to all of the competitors! See you next month!

#jabbercracky

~48 hours left for the June event!

#jabbercracky

My talk from Security Fest is now live for any interested security enthusiasts, pentesters, red teamers and password crackers. Fun fact, my voice is that annoying in real life too.

https://www.youtube.com/watch?v=ArLhwcpWMdU

Following my Security Fest talk yesterday I've released Hashcatalyst, a wrapper that helps automate non-distributed workflows by chaining multiple attacks with no downtime.

https://github.com/stealthsploit/Hashcatalyst

#hashcat

For my Security Fest talk next week I'll be releasing a new tool to help automate non-distributed hashcat workflows, allowing people to chain multiple attacks with no downtime.

Keep your eyes peeled!

Wordpress’s new bcrypt implementation is prehashed with SHA-384? Not good if so as it facilitates password shucking attacks? Surely better to enforce a length limit?

Hopefully you've patched CVE-2025-24054. Whilst on the topic, as far as NTLM disclosure is concerned for REMOTE attackers, block SMB on egress (if someone's already inside then you've got bigger problems).

Kinda shouldn't need to be said in 2025 but kinda needs to be said 🤷‍♂️

A reflective take on how modern systems—from social media to certifications—reward surface-level wins over deep effort. This post explores how we’ve learned to game metrics, optimize for the minimum, and lose sight of meaning in the process. It asks: what happens when the game replaces the goal?

https://blog.anantshri.info/weve-all-learned-to-game-it/

#Incentives #Metrics #Optimization #SystemDesign #DigitalCulture #BlogPost #Writing #Fediverse #FOSS #WorkCulture #TechPhilosophy

I'm currently looking for two new SOC analysts for my team, hybrid role and need to be eligible for SC clearance
https://careers.node4.co.uk/jobs/5810124-soc-analyst?promotion=1433410-trackable-share-link-738e711d-1489-4ee8-aa3f-1701ec0e6b82
#fedihired #getfedihired #job #jobs #hiring #cybersecurity

@MissConstrue @csgraves

Oh yes, there are better ways than Hasselhoffing them. In which case then, are you also aware of....

The Duck Song
https://www.youtube.com/watch?v=MtN1YnoL46Q

Where can you see Lions?
https://www.youtube.com/watch?v=FbYtASAakAI

Narwhals
https://www.youtube.com/watch?v=ykwqXuMPsoc

Magical Trevor (several episodes, but 1 is the best)
https://www.youtube.com/watch?v=au3-hk-pXsM

@MissConstrue @csgraves Don't forget Fat Labrador!

https://www.youtube.com/watch?v=gXge6td1jfM

We've sold out our Defending Enterprises training at Security Fest on June 2-3!

Only 7 tickets remain for our Hacking Enterprises training, hope to see you there!

https://securityfest.com/

Hilarious. Free entry level ESXi hypervisor is back 😂

https://broad-cloud.nl/free-esxi-entry-level-hypervisor-is-back/

A nice spreadsheet of C2 frameworks for easy comparison of everything from licensing and implementation through to payload support and capabilities.

https://docs.google.com/spreadsheets/d/1b4mUxa6cDQuTV2BPC6aA-GR4zGZi0ooPYtBe4IgPsSc/edit?usp=sharing

Created and maintained by @c2_matrix

@angrylinus when one door closes, another opens! Stay optimistic

@alsternerd ah good spot, edited. Thanks.

@the_turtle the question is…with this bypass, why would you want to?

Persist with your local accounts. Don't succumb to MS's need for you to be online.

Useful as MS has removed the BypassNRO script from preview builds

We've got two great community talks lined up on our Discord server!

Wed 21st May @ 19:00 BST, Jon Bonacci will be delivering "Ransomware Unmasked: The Evolution, Tactics, and Defense Playbook"

and then on Tues 22nd July @ 20:00 BST, Joseph Deskin will be presenting "Cobalt Strike 101".

Hope to see you there 🎉

https://discord.gg/aCgUbE8ePD