⏰ 1 HOUR TO GO 🚨 Next Code Drop hits today at 4PM EDT! Don’t miss your chance to grab a ticket to the Red Team Village party at AREA15. Make sure you're following @redteamvillage_ — tickets go quick.

🐺 It's time to unleash the hounds! Hugo & Joey Dreijer are bringing BloodHound wizardry to Red Team Village at #DEFCON33. No shells to pop, no buffers to overflow; just a full-blown digital treasure hunt. Learn more: redteamvillage.io/defcon-33

Manual recon commands eating up your time? 🕐 Gavin K breaks down how Mythic Eventing automates those repetitive reconnaissance tasks during RTOs, complete with starter YAML scripts you can customize. ghst.ly/45jwYDr

New blog post just dropped! West Shepherd breaks down extending the Mythic Poseidon agent for ARM64 Dylib injection on Apple Silicon. Details include: ✅ Shellcode construction ✅ Memory allocation ✅ Runtime patching ✅ Thread creation Read more ⤵️ ghst.ly/41Nu4ED

I Just documented a cool way to authenticate proxied tooling to LDAP in an AD environment using C2 payload auth context, without stealing any tickets or hashes! Keep tooling execution off-host and away from EDR on your Red Team assessments! specterops.io/blog/2025/08/2…

Trying to fly under EDR's radar? Logan Goins explains how to use HTTP-to-LDAP relay attacks to execute tooling completely off-host through the C2 payload context. Perfect for when you need LDAP access but want to avoid being caught stealing creds. ghst.ly/41mjMv7

App-Bound Encryption isn't stopping hungry attackers from getting into the cookie jar. 🍪 Join Andrew Gomez & Antero Guy at #BSidesDenver Sept 12 to learn how threat actors are still stealing browser secrets, plus a sweet EntraID cloud pivot bonus. ➡️ ghst.ly/45Bguqx

Keep thinking.

#MiamiHerbert earned its highest placements to date in U.S. News & World Report's 2026 rankings! Read more: news.miami.edu/miamiherbert/s…

We came, we stormed, we CONQUERED.🙌

Off to San Diego for offensive ai con

I feel like Yuval Gordon's briefly mentioned new dMSA account takeover mechanism in his last blog didn't get enough attention. A new account takeover mechanism is on the horizon. I wrote a blog detailing it, releasing with a new BOF I wrote called BadTakeover specterops.io/blog/2025/10/2…

Cleaned out my cable bin. Pretty sure I will have a need for a random obscure cable once the trash comes this week.

I see lots of posts from job seekers mentioning how they’ve spent many months and countless hours applying to thousands of jobs without any success. With everyone else mostly doing the same thing and with these (awful) ATS systems at play, I’m not certain this is the best use of

New blog post is up exploring a vuln I found in Claude Code (CVE-2025-64755) allowing arbitrary file write without a consent prompt. New tech is always fun to explore, hopefully this post gives you some hints as to future research :) specterops.io/blog/2025/11/2…

Extremely thankful for family, friends, and coworkers both former and current. I would not be where I am without you and your belief in me and support!

SCOM monitors critical systems, but insecure defaults make it a powerful attack vector. At #BHEU, Garrett & Matt Johnson show how to abuse SCOM for credential theft, lateral movement, and domain escalation, plus how to defend it. ghst.ly/4aoggph

See you all next week...excited to present with Matt Johnson at #BHEU! 💣

That's a wrap! The @RedTeamVillage #CTF at BSidesPhilly is officially over. Congratulations to the winners and everyone who participated! See the final results here: threatsims.com/user/events/a8… #RedTeamVillage #BSidesPhilly #HackingCommunity