12.6392° N, 8.0029° W

@esh Thank you for supporting!

@mk48 at #AWS #reInforce giving a talk on building community and culture, with a focus on the "new generation", in the All Builders Welcome Lounge (Expo Hall).

Don't forget to purchase a ticket and/or submit a #CFP for #BSidesHBG (Harrisburg, Pennsylvania)

Saturday, March 11th in a location 5 minutes from a Waffle House and about 20 minutes from Hershey, yes, like the chocolate.

Come for my keynote talk, stay to visit nearby Chocolate World!

https://bsideshbg.com/ #SecurityBSides #BSides

Looking for published papers in the Offensive Security space, is there a space specifically for published Cyber research on the web ?

https://o5wald.github.io/posts/binary_exploitation_basics/

https://cyber-judo.com/advanced-nmap-techniques

This is the only thing really worth saving, and possibly worth reading, that I ever posted to Twitter. #infosec #cybersecurity

Came across this video on NIST Standardized materials, the peanut butter and “domestic sludge” was wild 🤯

https://youtu.be/esQyYGezS7c

Elder Scrolls

⚔️ About to check out the responsible red teaming course by Taggart institute #RedTeaming

https://taggartinstitute.org/p/responsible-red-teaming

It's here!

Responsible Red Teaming is available TODAY at the Taggart Institute!

"Great hackers are good people."

Many red teaming courses teach the technical process of how to exploit targets. But that's usually where the conversation ends.

Responsible Red Teaming, a FREE seminar of written lectures and practical labs by @huskyhacks, continues the red teaming conversation about what it means to be safe, responsible, and pragmatic during red team engagements. The course challenges you to consider your own ethical frameworks and what you believe you owe to your clients and their data.

Then, you'll refine your operational red team skills by imbuing your tactical decisions with responsibility and ethicality. You will set up red team infrastructure and examine it with scientific rigor to ensure that it is secure. You will write emulated malware that balances its intended impact with responsibility.

Finally, you will complete the course capstone, a Choose Your Own (Pwn) Adventure featuring a live vulnerable virtual machine and a branching red team engagement story where your choices matter.

This is not a course that teaches you how to be a red teamer. It’s a course where you learn how to operate with honor.

https://taggartinstitute.org/p/responsible-red-teaming

#InfoSec #CyberSecurity #RedTeam

Just a reminder, you can support infosec.exchange through liberapay: https://liberapay.com/Infosec.exchange/

Thanks!

🎙✨ Meet Blacks In Cyber

The Changemaking Podcast with host @ChloeMessdaghi on @ITSPmagazine with Michaela Barnett @mk48 & Arthur Pryor!

How Blacks in Cyber (BiC) promotes advancement, knowledge, education & culture in Cybersecurity...💫

Podcast Link:
https://www.itspmagazine.com/the-changemaking-podcast

#BlacksInCyber #Cybersecurity #ITSPMagazine #Podcast

WIRED just published my beginner's guide to Mastodon! Thank you to the 100+ people who responded to my request for tips and advice for understanding the culture here. https://www.wired.com/story/how-to-get-started-use-mastodon/

Welcome to defcon.social!

From the first DEF CON announcement 30 years ago inviting all to attend:

We cordially invite all hackers/phreaks, techno-rats, programmers, writers, activists, lawyers, philosophers, politicians, security officials, cyberpunks and all network sysops and users to attend.

To that I would add artists, musicians, infosec, privacy professionals, and those genuinely curious about how technology and the world works.

We hope you enjoy yourselves and be kind to others.

@SheHacksPurple 🥰 thanks for the warm welcome

Locksmith has been updated: https://github.com/TrimarcJake/Locksmith

New features:
- Improved on-screen explanation of what the script is doing
- Improved output formatting
- Confirmation now required before the AD CS environment is changed
- If Locksmith changes your environment, a script is created to easily revert those changes.
- Less false positives
- If Active Directory module is not installed, Locksmith will attempt to install it for you.

Next planned updates:
- Strict Mode support
- RDP Restricted Admin support

#IAM #IdentitySecurity #CertificateServices #ActiveDirectory #ActiveDirectoryCertificateServices #ADCS #Locksmith #OpenSource #DefensiveSecurity #DefensiveSecurityTooling #Pizza

Why not sharing here some blogposts that might be helpful (hopefully) to others.

To start, here's a list of appsec resources. It needs some updating but still several real good resources in it:

https://johnopdenakker.com/some-useful-appsec-learning-resources/

#infosec #appsec

“Being ok with sucking at something while learning” is an extremely undervalued skill.
As is “being happy for people that are better than you”.
Super important for
- learning how to code
- learning a new language
- art, music, podcasting, cooking
- really everything.
Don’t forget to teach your kids these skills.
Also, demonstrate these behaviors.
Let your kids see you being bad at something and not giving up and staying positive.