Wow, #RedTreat was a blast! Was amazing to see such high quality Red Team focused content & research being shared! 🔥 Enjoyed meeting everyone and putting faces to names/handles too! 👋 Great job and thanks to MDSec & Outflank for organising! 👏💯🏝️

Further reading from MDSec mdsec.co.uk/2024/09/findin… mdsec.co.uk/2024/10/from-p…

WAF bypasses (MDSec), sastsweep (chebuya), and more! blog.badsectorlabs.com/last-week-in-s…

When WAFs Go Awry: Common Detection & Evasion Techniques for Web Application Firewalls, a good compilation of evasion techniques by MDSec mdsec.co.uk/2024/10/when-w…

😈 Common Detection & Evasion Techniques for Web Application Firewalls → Fuzzing, reversing regex rules, obfuscation/encoding, alternative character sets, request header spoofing + Real-world case studies of bypassing CloudFront, Cloudflare, F5 BIG-IP ASM, and Azure

Ready for some Thanks Giving reading? Nighthawk 0.3.3 Evanesco is now live for customers nighthawkc2.io/evanesco/ #happythanksgiving

MDSec great work to the Nighthawk team :) Very impressive set of new features.

Ever come across Altiris on a red team? We did.... Check out this post from Matt Johnson on how to extract ACC creds... Extracting Account Connectivity Credentials (ACCs) from Symantec Management Agent (aka Altiris) mdsec.co.uk/2024/12/extrac…

Hacky Christmas to all, see you in 2025 🎄🎅

Please note, if you register for this with anything but a business email you will be rejected 🕵️

I'm not doing training at BH USA this year, but some friends are and I highly recommend their courses: - Adv Detection Engineering by FalconForce Official - Building AI agents by Roberto Rodriguez 🇵🇪 - Adversary Simulation by MDSec And ofc the awesome courses by SpecterOps folks!

Last year's Black Hat was a blast so we're doing it all again! Join me and the @MDSeclabs crew in Vegas. Early bird discounts are now available. blackhat.com/us-25/training…

NEW LAB: Mustang Panda 🐼🔍 Chinese cyber espionage APT targeting a government body across the U.S, Europe, and APAC Test your blue team skills on 👀 .NET malware 👀 DLL Sideloading 👀 Webshells 👀 Procdumps Lab Contributors Adversarial Emulation: MDSec ali 🕷️

The Council of Tropical Affairs, while negotiating the mango export deal, have noticed suspicious activity on their network, specifically involving unauthorized access to shared documents. We have provided process dumps, disk images, SIEM access, and results from YARA outputs

Already three people have fully smashed the Mustang Panda lab with FULL points (zero hints used) over the weekend by MDSec and Zach Just sharing some more feedback we got on the lab 💪

Stumbled on ServiceNow during a red team? If not you might want to check our latest post on Red Teaming with ServiceNow by Tim mdsec.co.uk/2025/03/red-te…

Our red team is growing and we have a rare open position for a Principal RT Operator - if this sounds like you, get in touch 🙏 MDSec

We'd like to thank our sources researching various NTLM hash leak issues: 1) Dominic Chell 👻 of MDSec: mdsec.co.uk/2021/02/farmin… 2) Yorick Koster of Securify: securify.nl/en/blog/living… 3) Alex: swepstopia.com/url-file-attac…

I have done Parallel syscall technique in Rust. github.com/Whitecat18/Rus… Inspired by MDSec Research. #research #poc #rust