First ever con talk done, thanks #x33fcon for having me!

A few weeks ago I gave a talk at Area41 Security Con on how to phish for PRTs and phishing resistant authentication methods 👀. The slides, plus a demo video on how to do this with credential phishing are now on my blog: dirkjanm.io/talks

I can make you click a phishing link. Want to know how? Just click this link and I will teach you ;) Don't worry. This is not a test. Nobody will know. Just do it: posts.specterops.io/i-will-make-yo…

So... this is a pretty accurate description of the current situation...

Great talk on the process and results of hunting logic bugs in Mac land.

Linux symbol obfuscation using `dl_iterate_phdr`. Great bit of research and blog from kozmer bulletproof.co.uk/blog/tech-talk…

My talk on automating red team inf is out! There is a slight change to the release schedule mentioned in the talk. The API poc will be coming soon, but there have been some delays. Keep an eye out. Thanks for having me #x33fcon ! Looking forward to the next one!

One persons outage, is another persons OSINT op 😂

I haven't posted anything about Havoc in a while so imma share something I have been working on. Wrote a custom VM/Interpreter (based on the RISC-V instruction set) to execute exploits and other arbitrary code. The client is now fully extendable and scriptable via the Python API

Excited to share that the Malcrove - Next Generation Security Red Team just dropped new blog and new tool SeamlessPass! utilizing Microsoft’s Seamless SSO feature to acquire access tokens for Microsoft 365 services by leveraging on-premises Active Directory Kerberos tickets malcrove.com/seamlesspass-l…

🫡🫶

I'm calling it. Security has been solved.

We've been putting these to good use lately on some ops. github.com/kozmer/aad-bofs Keep an eye on future updates from kozmer. #redteam

Looks sick, gui and automate all the things :)

Nice new feature incoming for those RT's out there using Tailscale for inf. tailscale.com/kb/1226/tailne… This change imo, addresses the what if on tail-scale being compromised. Cant really see any reason for headscale in prod if this is correctly rolled out now?

🔥 aff-wg.org/2025/06/04/pla…

My hot take on AI 🌶️. It's less about efficincy and more about scale. byt3bl33d3r.substack.com/p/ai-doesnt-ma…

Another awesome bit of linux Maldev research work from kozmer

Password cracking with vast.ai made easier :) Enjoy. github.com/d-sec-net/VPK

🦀🦀 github.com/kozmer/rspy