Lmst

Microsoft Copilot for SharePoint just made recon a whole lot easier. 🚨 📌Read it here: www.pentestpartners.com/security-blo... #RedTeam #OffSec #AIsecurity #Microsoft365 #SharePoint #MicrosoftCopilot #InfoSec #CloudSecurity

Microsoft Copilot for SharePoint just made recon a whole lot easier. 🚨 ... 📌Read it here: www.pentestpartners.com/security-blo... #RedTeam #OffSec #AIsecurity #Microsoft365 #SharePoint #MicrosoftCopilot #InfoSec #CloudSecurity

Exploiting Copilot AI for Shar...

Microsoft Copilot for SharePoint just made recon a whole lot easier. 🚨

One of our Red Teamers came across a massive SharePoint, too much to explore manually. So, with some careful prompting, they asked Copilot to do the heavy lifting...

It opened the door to credentials, internal docs, and more.

All without triggering access logs or alerts.

Copilot is being rolled out across Microsoft 365 environments, often without teams realising Default Agents are already active.

That’s a problem.

Jack, our Head of Red Team, breaks it down in our latest blog post, including what you can do to prevent it from happening in your environment.

📌Read it here: https://www.pentestpartners.com/security-blog/exploiting-copilot-ai-for-sharepoint/

#RedTeam #OffSec #AIsecurity #Microsoft365 #SharePoint #MicrosoftCopilot #InfoSec #CloudSecurity

Red Team: Attack Mode Engaged.
Break it before they do.
Offensive ops squad: https://techgeeksapparel.com/red-team-attack-cybersecurity-t-shirt/
#RedTeamAttack #OffSec #PenTestLife

https://www.learnfly.com/posts/course_details/hardening-windows-linux-systems

#New #Cybersecurity #Course on #Hardening #Windows and #Linux #Systems #Published.

This course can be used as a #refresher or can be used for those new to cybersecurity and are willing to learn. If you’re interested, please check through the link above and purchase if required.

Thanks.

#CyberSecurity #PhysicalSecurity #OperationalSecurity #OpSec #CyberSec #InformationSecurity #InfoSec #OffensiveSecurity #OffSec #EthicalHacking #CEH

✅ Just earned my OSCP+ certification from @offsectraining!
After 90 intense days of labs, AD exploits, real-world pentesting, and a 24h exam + 24h report marathon… I passed on my first try with 90 points!

Big thanks to everyone who supported me. This is one of the biggest milestones of my career. 🙌
#OSCP #OffSec #Cybersecurity #Pentest #RedTeam #KaliLinux #TryHarder

⚠️ Are you learning about #pentesting and #offsec ?
Join me on my #vlog where I document 📹 everything on this channel https://youtu.be/WsLn4_0C0a0?si=woPcXjJe3y6WANS_

You'll probably also learn something useful. Pentesting can be a lot of fun and a great career. 💼

Feedback is welcome.

#technology #security

I hacked someone's blog! 💻🔓

https://www.cellos.blog/hack-the-box-nibbles/

Of course, totally legally on @hackthebox .😀

Took me quite a few hours, but it was worth the pain since I am preparing for my first certification from @offsec 🚀

#cybersecurity #ctf #hackthebox #offsec

Hello Mastodon.
New year, new account. Not quite ;-) I'm just new here.

Short info about me:

I'm switching to penetration testing and bug bounty.

In 2024 I passed the OffSec Web Assessor (#OSWA) in three months.
For 2025 I plan to pass the OffSec Certified Professional (OSCP).

I will probably follow you if you write about #cybersecurity, #offsec, #infosec, #pentesting, #penetrationtesting or #bugbounty ;-)

The #Offsec #OSCP song Try #Harder

https://youtu.be/t-bgRQfeW64

#nemoradio

There's a good reason why I don't do #offsec. I don't have enough self control to keep myself from hacking the self-checkout machines to yell "it puts the lotion in the basket!" when a customer scans skin lotion.

Cool research by my coworkers at IOActive: https://www.wired.com/story/digital-license-plate-jailbreak-hack/

#infosec #offsec

Cancelling before #OffSec renewal: 'Although much progress has been made over the bad old days of offline only content and no support, the quiz platform and labs are too flaky and actually impair focus (I cannot sit and stare at a timer, idle for 45 sec!). In one module I found the free #PortswiggerLabs much more useful and helpful than the OffSec material. I will run out my year and try to do a little more, but I was never an OSCP candidate and need to focus on other things in the years to come. Cheers! '

Really happy with what I accomplished this year. Tackled the OSCP, OSWP, and finished my first HackTheBox Pro Lab Dante. Looking forward to what I accomplish in 2025. #ethicalhacking #HackTheBox #CyberSecurity #OffSec

Current status: Building a #FreeBSD 14-STABLE VM on the #Framework laptop specifically for offensive security research and development.

Hoping to finish work on a C2 framework that operates over the ptrace boundary.

#offsec #infosec

https://www.tiktok.com/t/ZP8NeQa6B/

This TikTok video is a demonstration of capabilities posted to a telegram channel selling an Android RAT.

The video demonstrates total control over a remote mobile device, which makes this similarly capable to Pegasus malware created by NSO Group, but for much more affordable rates.

Now, it could be a scam of course, I haven't paid for the product to validate it, but on the surface here it looks like a solid product.

Making Pegasus level malware available to people for under a grand. This is awesome. Everything is fine.

/End tangent.

#cyber #hacking #threatintel #apt #rat #trojan #apt #nsogroup #pegasus #russia #israel #skiddy #offsec #spyware #surveillance #nothingissafe #nooneissafe #analog #digital #worldonfire