A last cheeky bike session to keep my legs moving before Sunday and marathon number two in my trilogy - Manchester.

Still time to donate to VICTA UK and help me support blind and partially sighted kids.

2024tcslondonmarathon.enthuse.com/pf/robin-wood

My company ogSec Consulting has partnered with Zero-Point Security to create some essential report writing training. It will not just boost your writing skills but also the efficiency & quality of your assessments. Check out what's covered in the course here: training.zeropointsecurity.co.uk/courses/the-ar…

One of the best con workshops I've done was a report writing one at BSides Las Vegas many years ago.

I'd also recommend this talk by Brian King .

youtube.com/watch?v=c_LBWq…

Reporting may not be sexy, but it's an incredibly important aspect of a pentester's role which many of us lack. Luke has done a really good job in covering everything you need to know from client engagement, to QA, delivery, and post-assessment. Check it out!

It's been a while since the last tweet and I really don't like to debate publicly, but after 6yrs hunting on MSRC, I finally got really messed up by their rules. They refused to pay bounty for a critical EoP issue and said I accessed the customer/PROD data. Well, it's hard to…

This is going to be very useful, I've already started writing some and will pinch this one as well.

Since EA 2024.3.1, it's possible to add custom columns to all the tables visible in Burp Suite

In the following screenshot, I simply extract the value of the 'Server' header

New: been following a 'world war' in Com, the community of criminals linked to some of the most high profile hacks. See messages about a robbery on Telegram, then verify it happened. A snapshot of how digital/physical crime are completely intertwined 404media.co/inside-the-com…

Don't forget, our Call for Crew and Call for Papers are both still open

CFC - docs.google.com/forms/d/e/1FAI…

CFP - docs.google.com/forms/d/e/1FAI…

github.com/ZephrFish/Stom… came out of the lab creation and might be featured ;)

Hi friends! Do any of you happen to live in London or near enough to come say hi if I happen to find my way there?

I spent a few hours this weekend making a tool to create randomly insecure file shares that also contain unsecured credential files. It's a rough cut, but, some of you may find it useful or may like to build upon it/customize it for your use cases ✌

github.com/techspence/Bad…

I'm excited to be part of this, and have helped out in both creation and the alpha, go check it out folks!

If we make ransowmare payments illegal it will give threat actors even more leverage to extort the victims I reckon…

But also it will be chaos….

The threat actors will still steal the data and trash the networks. Let’s say they stop getting paid…..

What will the baddies…

do you have a cyber security department at your organisation? (do not include yes if that is IT, also please DO NOT VOTE IF YOU WORK FOR A SECURITY VENDOR/MSSP etc.)

This is an older tweet I think about often.

GitHub - netsecfish/dlink

Sigh… github.com/netsecfish/dli…

A bit later than we were planning to put out, but here is our Call For Crew. It will be running till the 29th April.

Put your name down if you think you can help.

docs.google.com/forms/d/e/1FAI…