Just wondering, anyone ever hired two red teams simultaneously (without telling them that they're not the only one)?
Did they find each other?
And did one of them manage to compromise the other?
No practical value but would be funny and interesting though. Maybe someone had some extra budget and was curious?
Extracts browser-stored data such as refresh tokens, cookies, saved credentials and more from modern Chromium-based and Gecko-based browsers (Chrome, Microsoft Edge, Firefox, Opera, Opera GX and Vivaldi).
🎙️ Nouveau podcast avec Charles F. Hamilton : La guerre Red Team vs EDR
Les EDR restent vulnérables à des techniques simples. Les "named pipes" contournent le ML depuis 8 ans. Une fois au kernel, toutes les protections tombent.
La vraie solution ? Configurations de base + analystes humains. L'IA ne remplace pas le threat hunting.
🎧 Web: https://polysecure.ca/posts/episode-0x692.html#67b773dc
🎧 Spotify: https://open.spotify.com/episode/0hu9zRI741MBi5jLm13hjb?si=NTfMt6JYRxOzte7qUD2Gzw
🎧 YouTube: https://youtu.be/5n0ce2p2CfE
The Microsoft ms-photos URI scheme takes fileName as parameter, which can be submitted with a UNC path, leaking NTLMv2-SSP hashes one opened🕵️♂️
What ticketing system do Red Teamers generally perfer? How about for knowledge management?
A post about the basics of deserialization attacks🕵️♂️
https://owlhacku.com/introduction-to-deserialization-attacks
What are people's favorite JavaScript packer/minifier/compiler?
PowerShell collector for adding SCCM attack paths to BloodHound with OpenGraph🕵️♂️
A post showing how command line arguments can be used to bypass the command execution filter in claude code🕵️♂️
https://flatt.tech/research/posts/pwning-claude-code-in-8-different-ways
Wait, Why is my WebClient Started?: SCCM Hierarchy Takeover via NTLM Relay to LDAP https://specterops.io/blog/2026/01/14/wait-why-is-my-webclient-started-sccm-hierarchy-takeover-via-ntlm-relay-to-ldap/ #redteam
EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running🕵️♂️
Unsere neue Podcast-Folge ist da! 🎊
In dieser Podcast-Episode berichten Michael Brügge und Hagen Molzer, Leitende Berater bei cirosec, über Maßnahmen, die erfolgreiche Angriffe deutlich erschweren. Anhand realer Erfahrungen aus Red-Team-Assessments sprechen sie darüber, warum die Sensibilisierung von Mitarbeitern, Defense in Depth, Active-Directory-Härtung, Tiering-Modelle, Netzwerk- und Mikrosegmentierung sowie moderne Angriffserkennung entscheidend sind.
Sie zeigen in dieser Folge, wie gute Vorbereitung, saubere Architektur und funktionierende Reaktionsprozesse Angreifer ausbremsen – und warum genau darin die größte Chance für Verteidiger liegt.
Jetzt reinhören unter:
🎧 Spotify: https://open.spotify.com/show/63K9JjKKOdewLx2Ma0DuNE
🍏 Apple Podcast: https://podcasts.apple.com/de/podcast/it-security-inside/id1751424875
🌐 Website: https://cirosec.de/podcast/
#Podcast #ITSecurity #CyberSecurity #RedTeam #BlueTeam #DefenseInDepth #ActiveDirectory #ThreatDetection #IncidentResponse #Tiering #Netzwerksegmentierung #Mikrosegmentierung
Lol, #LinkedIn sometimes is good for something.
Just come across this thing that lets you enumerate all of the domains within an #Microsoft365 tenant as long as you know at least one of them.
Site: https://domains.ourcloudnetwork.com/
Blog post: https://ourcloudnetwork.com/how-to-enumerate-microsoft-365-tenant-domains-in-2026/
LinkedIn post: https://www.linkedin.com/posts/danielbradley2_microsoft-domains-security-activity-7416490496874950656-sY_3
An explanation on how inconsistencies in SAML XML parsers enable signature-wrapping and canonicalization attacks that let attackers bypass authentication in Ruby and PHP libraries🕵️♂️
https://portswigger.net/research/the-fragile-lock
#infosec #cybersecurity #pentest #redteam #web #xml #bugbounty
A small python script to extract all related domains for a specific Office 365 tenant🕵️♂️
#infosec #cybersecurity #redteam #pentest #osint #azure #entra #cloud #opensource
INFORM-Framework: Bedrohungsbasierte Cybersicherheit messbar machen
Strategische Verteidigungsplanung mit neuem Messansatz
Die MITRE Cyber Threat Intelligence Division (CTID) präsentiert INFORM, ein webbasiertes Bewertungsinstrument für bedrohungsorientierte Sicherheitsarchitekturen
Aller la team #VendrediLecture 🦄🐰🎩
Je reprends la #RedTeam en version poche ! "Ces Guerres qui nous attendent : 2030-2060" les trois tomes ! Y compris les "Ultimes Scénarios"
Facile à inclure avec l'Encyclopédie #CyberAge pour des scénarios #CyberPunk en Jeu de Rôle ! #JdR
Extracts browser-stored data such as refresh tokens, cookies, saved credentials, credit cards, autofill entries, browsing history, and bookmarks from modern Chromium-based and Gecko-based browsers (Chrome, Microsoft Edge, Firefox, Opera, Opera GX, and Vivaldi)🕵️♂️
A python-based pentesting library for Azure and Entra ID🕵️♂️
https://github.com/codyburkard/azol
#infosec #cybersecurity #redteam #pentest #cloud #python #opensource
The DEF CON Training Singapore course lineup is now live!
We’re thrilled to share the full slate of courses for the first-ever DEF CON Training Singapore! Join us in April for hands-on, skills-forward trainings led by top practitioners from across the community. Whether you’re sharpening fundamentals or diving deep into emerging threats and advanced techniques, there’s something here for you!
Explore the full lineup and course details here:
https://training.defcon.org/collections/singapore-2026
Spots go fast, so take a look, grab your seat, and get ready to learn and build.
Early bird pricing available now until February 8. See you in Singapore 🇸🇬
#DEFCON #DEFCONTraining #Singapore #DCSG #Cybersecurity #Training #InfoSec #HackerCommunity #RedTeam #BlueTeam #AI #CyberTraining
