Sven Ulke 🐷🟪 (@n3x771) 's Twitter Profile

#DFIR #Malware #ThreatIntel #Python #Golang #DFIRTrack #GIRAF 🐷🟪

ID: 999181650079768576

23-05-2018 06:54:04

2,2K Tweet

222 Followers

850 Following

CISA Cyber (@cisacyber)

We’ve released a Malware Analysis Report with analysis & detection signatures on files related to Microsoft SharePoint vulnerabilities known as #ToolShell. Review IOCs and detection signatures in our 🆕report 👉 cisa.gov/news-events/an…

Nextron Systems (@nextronsystems)

⏱️ Instant Timelines with THOR - No manual tagging. No log wrangling. DFIR expert Maurice Fielenbach shows how to map persistence in minutes: ✔️ Registry Run Keys ✔️ Startup folder implants ✔️ LOLBin payloads 👉 Step-by-step guide & tool usage here: eu1.hubs.ly/H0mvr2d0

Fabian Bader (@fabian_bader)

You work with #XDR and always wanted to the process tree data outside of the Defender portal? With XDR Story Parser you can ▫️Redact sensitive information ▫️Export process tree as screenshot ▫️Extract PowerShell and command-lines ▫️Zoom in onto a process f-bader.github.io/XDRStoryParser/

Matt Zorich (@reprise_99)

Highly recommend everyone read the latest Microsoft Threat Intelligence blog, especially if you are involved in identity or cloud security. It details how threat actors can pivot between both your on-premises and cloud identity planes and cause destruction across both. Without proper guardrails

Matthew Green 🌻 (@mgreen27)

Interesting report from Sophos covering malicious Velociraptor use 🔎 news.sophos.com/en-us/2025/08/… Checking out this msi: 💾 • they used Velociraptor version 0.73.4. • Server likely installed on ~04/08/2025 10:03:15 (self signed certificate) • v2.msi - virustotal.com/gui/file/649bd… As

Matt Zorich (@reprise_99)

Interested in what real world Active Directory compromise looks like and how to prevent it? I wrote a deep dive on what we continually see when Active Directory gets owned. Hint: stop letting domain admins log onto all your endpoints Read here - techcommunity.microsoft.com/blog/microsoft…

Mustafa (@mustafa_kh4n)

writing C in 2025? this is the book. > this book covers the new C23 standard and teaches how to write safe, fast, and modern C code that actually scales. > perfect for embedded devs, systems engineers, and anyone who wants to master the language that built everything

spencer (@techspence)

Regular reminder… this hardening series by Jerry Devore is super awesome. There’s no way you won’t learn things by reading these. Part 1 - Disabling NTLMv1 Part 2 - Removing SMBv1 Part 3 - Enforcing LDAP Signing Part 4 - Enforcing AES for Kerberos Part 5 - Enforcing LDAP

Kostas (@kostastsale)

This is an absolute goldmine of information for blue🔵| red🔴| purple🟣... Seriously, you need to know about these tools! These are the tools that threat actors use frequently. There aren't any magic or fancy tools responsible for 99% of intrusions. go.spenceralessi.com/adsecurity

Thomas Roccia 🤘 (@fr0gger_)

🎁 GenAI x Sec Advent 11 - Inside the AI arsenal I’ve built Over the past few years I tested a lot of ideas around AI for threat intelligence and security. I created workflows, agents, advanced RAG setups, and concepts I talk about in this space all the time! I wanted to show

Dan (@_xdanx)

Open Klara released - your own private cloud Yara scanner! Together with our community member Gajesh, I would like to announce the fork of the KLara project into Open Klara! We aim to maintain, support and fix future bugs. Open KLara is a community-driven fork of the original

Matthew Green 🌻 (@mgreen27)

The Art of Pivoting - Techniques for Intelligence Analysts to Discover New Relationships in a Complex World github.com/adulau/the-art…

Black Hills Information Security (@bhinfosecurity)

🚨 It’s back! 🚨 The INFOSEC SURVIVAL GUIDE has returned! Read our FREE Orange Book: Incident Response below or at the link here -- blackhillsinfosec.com/prompt-zine/pr… In the United States? Get a physical copy shipped to you for FREE -- spearphish-general-store.myshopify.com/products/the-i… If you loved our Yellow
