#RedTeam

Scratch News Australia

@scratchnews.io

10 hours ago

The top of the image features the text "SCRATCH NEWS AUSTRALIA”, the title "SPY VS SECURITY”. A black and white cartoon drawing shows two people facing each other engaged in a clandestine conflict. Both people are wearing wide-brimmed fedora hats and long, high-collared trench coats. At the bottom of the image is “SECURITY TOOLS & NEWS" and yellow-highlighted text "scratchnews.io” The image promotes Scratch News Australia, scratchnews.io

Catch up with the latest #security topics, #test your #cybersecurity & #infosec readiness

News
👉 scratchnews.io/tag/Security...

Events
👉 scratchnews.io/category/587

Tools
👉 scratchnews.io/tag/Security...

#Australia #NZ
#hacking #redteam #blueteam #appsec #cloud #ai #devops

r1cksec

@r1cksec.bsky.social

1 day ago

Windows of Opportunity: exploiting race conditions in Seclogon to dump LSASS | Otter's Notes

By altering the calling threads process ID and extending the exploitation window with file locks, an attacker can trick Seclogon into creating privileged LSASS handles for memory dumping

otter.gitbook.io/red-teaming/...

#infosec #cybersecurity #redteam #pentest #windows

r1cksec

@r1cksec.bsky.social

2 days ago

Building an AI Vishing Solution in 7 Days A quick and dirty guide on how to rapidly deploy a fully autonomous coversational AI agent for voice-based social engineering

In late 2025, Reversec built a system that streamlined voice phishing (vishing) attempts using autonomous conversational AI agents that followed a pretext for gaining initial access

labs.reversec.com/posts/2026/0...

#infosec #cybersecurity #redteam #phishing

J'ae Filet, Arkifane - Archmagos @ Telecomix - MeMBu

@membu.org

2 days ago

#Pentesting
#InfoSec
#CyberSecurity
#RedTeam
#MeMBu

Hacking Team

@hackingteam.bsky.social

3 days ago

🔎Gathering Information on a WhatsApp Account

github.com/kinghacker0/...

#OSINT #redteam #KaliLinux #pentesting #kalilinuxtools

CyberTaters

@potato.software

3 days ago

Vulnerable and malicious Windows drivers database

loldb.xsec.fr

#infosec #potatosecurity #redteam #pentest #windows

r1cksec

@r1cksec.bsky.social

3 days ago

Vulnerable and malicious Windows drivers database

loldb.xsec.fr

#infosec #cybersecurity #redteam #pentest #windows

StrikeReady Labs

@strikereadylabs.com

4 days ago

#dailyopendir #susp #redteam 172.178.44[.]139/stager/

r1cksec

@r1cksec.bsky.social

4 days ago

Abusing Cortex XDR Live Terminal as a C2 - InfoGuard Labs The Cortex XDR agent includes an incident response feature called "Live Terminal", which attackers can abuse as a C2.

The Live Terminal feature of Cortex XDR can be abused by attackers as a pre-installed, EDR-trusted C2 channel

labs.infoguard.ch/posts/abusin...

#infosec #cybersecurity #redteam #pentest

Cybersecurity News Everyday

@hendryadrian.bsky.social

4 days ago

The Role of Generative AI in BAS: Why Attackers Move in Minutes and Defenders Still Take Days Generative AI enables attackers to operate at machine speed, allowing autonomous workflows that can exploit misconfigured Fortinet appliances, map internal networks, dump credentials from Active Directory, and extract data from thousands of organizations in under an hour. Picus proposes an agentic BAS architecture—four cooperating agents (Researcher, Red Teamer, Simulator, Coordinator)—that compresses threat intelligence to remediation into minutes and automates safe, high-coverage simulations and vendor-specific remediation. #Fortinet #Picus

Generative AI accelerates attacks on Fortinet appliances, enabling rapid internal mapping, credential dumping, and data extraction in under an hour. Picus introduces agentic BAS to cut response from days to minutes. #Fortinet #RedTeam #USA

Aaron Brick — אהרן בריק

@aarbrk.mstdn.mx.ap.brid.gy

5 days ago

Erdős acolytes and reckless clubbers unite! The medical chatbot “Doctronic” can recommend courses of methamphetamines.

Source: www.axios.com/2026/03/04/doctronic-uta...

#ai #security #redteam #drugs #medicine

co11sec

@co11sec.bsky.social

6 days ago

Kerberoasting is very famous, but AS-REP Roasting is also super effective. If you find AD accounts that "don't require Kerberos pre-authentication," just pull the hashes and crack them offline—no password needed! 🗝️ #ActiveDirectory #RedTeam #Pentesting #cybersecurity

r1cksec

@r1cksec.bsky.social

6 days ago

GitHub - toneillcodes/DPAPI-BOF: A collection of DPAPI hunting and parsing BOFs A collection of DPAPI hunting and parsing BOFs. Contribute to toneillcodes/DPAPI-BOF development by creating an account on GitHub.

A collection of DPAPI hunting and parsing BOFs

github.com/toneillcodes...

#infosec #cybersecurity #redteam #pentest #windows

r1cksec

@r1cksec.bsky.social

1 week ago

GitHub - r1cksec/cheatsheets: Collection of knowledge about information security Collection of knowledge about information security - r1cksec/cheatsheets

New cheatsheets pushed

github.com/r1cksec/chea...

#infosec #cybersecurity #redteam #pentest #threatintel #malware #dfir #bugbounty #opensource

Wulfy—Speaker to the machines

@n-dimension.infosec.exchange.ap.brid.gy

1 week ago

New paper: "Agents of Chaos."
20 AI researchers red-teamed autonomous #LLM agents with email, shell access, and persistent memory.

How do you compromise one? Change your Discord display name to the owner's. In a new channel. That's it. Full admin. File deletion. Identity reassignment.

An agent […]

CyberTaters

@potato.software

1 week ago

SecInterview: "No nmap, no netcat, no internet. Just a restricted Bash shell. How do you port scan the network?"
This is where tool dependency fails you. The fix? Using Bash's built-in /dev/tcp feature to manually scan ports like 445 & 3306. #infosec #potatosecurity #redteam

co11sec

@co11sec.bsky.social

1 week ago

SecInterview: "No nmap, no netcat, no internet. Just a restricted Bash shell. How do you port scan the network?"
This is where tool dependency fails you. The fix? Using Bash's built-in /dev/tcp feature to manually scan ports like 445 & 3306. #infosec #cybersecurity #redteam

r1cksec

@r1cksec.bsky.social

1 week ago

GitHub - m0x41nos/TimeAfterFree: PHP 8 Sandbox Escape PHP 8 Sandbox Escape. Contribute to m0x41nos/TimeAfterFree development by creating an account on GitHub.

PHP 8 sandbox escape PoC demonstrating a disable_functions bypass on Unix-like systems.

github.com/m0x41nos/Tim...

#infosec #cybersecurity #redteam #pentest #php

@outflank.bsky.social

1 week ago

Spring fever has us dreaming of cutoff hoodies in the sun. For now, we're happy to roll up our sleeves and show off our evasive #redteam toolset. Join us March 11:
register.gotowebinar.com/register/282055344265359...

r1cksec

@r1cksec.bsky.social

1 week ago

GitHub - V-i-x-x/WIFIAIR-C2-Channel: Command channel that uses Wi-Fi Beacons as a unidirectional C2 transport Command channel that uses Wi-Fi Beacons as a unidirectional C2 transport - V-i-x-x/WIFIAIR-C2-Channel

Command channel that uses Wi-Fi Beacons as a unidirectional C2 transport

github.com/V-i-x-x/WIFI...

#infosec #cybersecurity #redteam #pentest

Mr.Un1k0d3r

@mrun1k0d3r.bsky.social

1 week ago

We are going live tonight at 7 PM EST

@everyone we are going live tonight at 7 PM EST.

Episode 34: Spawning a process through token impersonation. The proper way to gain another process's user privileges.

truecyber.world

#redteam #training

Lab401.com

@lab401.bsky.social

1 week ago

🍍📟 Portable tri-band Wi-Fi pen-testing powerhouse in your pocket! Standalone audits anywhere. Get yours now: l.lab401.com/8OlwZ
#Lab401 #pentesting #WifiSecurity #RedTeam #DuckyScript #Hak5

r1cksec

@r1cksec.bsky.social

1 week ago

NTLM.PW - Hash to password lookup Instantly look up NTLM hashes and resolve them to plaintext passwords using our database with 8B+ entries.

This database has 8.726.485.619 unique hashes (NT, LM, MD5, SHA1, SHA256)

ntlm.pw

#infosec #cybersecurity #redteam #pentest

Compass Security

@compass-security.com

1 week ago

WinGet can be more than a package manager. We show how .𝚠𝚒𝚗𝚐𝚎𝚝 configs + a self-referencing LNK become a viable initial access payload when Microsoft Store is enabled. Includes detection queries & mitigation tips.
blog.compass-security.com/2026/03/wing...
#RedTeam #Windows #LOLBins #InitialAccess

Lab401.com

@lab401.bsky.social

1 week ago

The O.MG Plug Elite is now at lab401.com/! 🗝️ A powerful payload platform hidden in a keyring-sized USB plug. Stealth, wireless control, and DuckyScript 3 in one tiny tool. 💻 l.lab401.com/pAL9g
#OMGPlug #RedTeam #Pentesting #Lab401

ToxSec

@toxsec.bsky.social

1 week ago

24k burner accounts. 16M queries. three chinese labs distilled Claude's agentic reasoning into their own models and nobody noticed until it was done. API access is the attack surface. #AISecurity #ModelDistillation #RedTeam

r1cksec

@r1cksec.bsky.social

1 week ago

GitHub - 0xbbuddha/notion: Notion C2 Profile for Mythic Notion C2 Profile for Mythic. Contribute to 0xbbuddha/notion development by creating an account on GitHub.

A Mythic C2 profile that uses Notion as a covert communication channel.

github.com/0xbbuddha/no...

#infosec #cybersecurity #redteam #pentest #opensource

Lab401.com

@lab401.bsky.social

1 week ago

The O.MG Unblocker: the ultimate deviant twist on a USB Data Blocker! 🛡️ Stealthy O.MG payload power disguised as a "USB Condom" for red-team success. Available now at lab401.com/! 🔌 l.lab401.com/elJvz
#OMGUnblocker #RedTeam #Pentesting #Lab401

r1cksec

@r1cksec.bsky.social

1 week ago

GitHub - Maldev-Academy/PrefetchFileParser: A lightweight Windows Prefetch file parser to extract programs' execution history A lightweight Windows Prefetch file parser to extract programs' execution history - Maldev-Academy/PrefetchFileParser

A lightweight Windows Prefetch file parser to extract programs execution history

github.com/Maldev-Acade...

#infosec #cybersecurity #redteam #pentest #opensource