Come through and say hi.

We staff our booth slightly differently, so you can chat directly to the people who research, design, build & support¹ our Canaries & Canarytokens.

__
¹ or me 🤷‍♂️

1/ Important judgment of the Supreme Court of Appeal last Thursday in the case involving Independent’s possession of a report of the SSA classified “secret”. The court made clear that it has the residual power to consider whether a document before it is properly classified.

some people asked for the code .. so I decided to quickly refactor my scrappy paramiko script and turned it into an ssh agent implementation that works with a vanilla openssh client that has a single line patched out. github.com/blasty/JiaTans…

In his next post, Downgrader describes how he found CVE-2024-26331 and CVE-2024-28269, an authentication bypass and RCE vulnerability in ReCrystallize Server.

sensepost.com/blog/2024/from…

AngusRed is #Hiring Dominic White 👾 BSides Cape Town Orange Cyberdefense's SensePost Team Jason Spencer Thanks to AI, our first song is out! (via Justin Perdok) youtube.com/watch?v=xkFWkB…

This is an older tweet I think about often.

the #xz case was first revealed on #Mastodon , not on X. As far as I can see (I still keep an eye on twitter) the discussion on Mastodon is far richer on that topic. If you're interested in tech, don't waste your time on Musk's toy.

Tried my hand at some basic RAG to see if I could get an LLM to give me the full hacker's manifesto since ChatGPT and Llama won't.

It worked!

X is exhausting. Shared a nice video someone made, said something at the end without providing all the context, and now I'll receive replies all day 'correcting' it. At least on Fedi I could edit the original to correct it.

I don't spend much time in this place anymore, so I didn't really notice that change to embedded articles - wtf, why is the embed card like that?

Vortimo and Roelof Temmingh are awesome, and I can’t recommend these tools highly enough.

Except for the CCNA bit, this is great advice.

we lost Kelly one year ago 💔 still devastating that I’m not “the other kelly” anymore

please think of her today and embrace the authenticity, vulnerability, creativity, compassion, and whimsy she embodied

In our latest post, @[email protected] takes a surreal journey from RS232 to ESP32!

sensepost.com/blog/2024/seri…

🚨Insomni'hack 2024:

[WORKSHOP] Windows Attack & Defense by Clément Labro & Julien Oberson.

👉Don’t miss this opportunity to attend this 2-days workshop at Insomni’hack 2024! Details and registration: ow.ly/pYvo50QsY0P

#INSO24 #Insomnihack #cybersecurity

Building on work Willem Mouton was doing internally for a long time and still having good success in a recent Red Team, Felipe Molina just published a tool called 'mail-in-the-middle' that automates weaponising mail sent to typo'd domains. Check out the blog post!

sensepost.com/blog/2024/mail…

Earlier this week I gave a talk to our internal hacking teams about the difference between good hackers and great ones that have been able to impact our field. I included three extended quotes - two from writers and one from Hamming that influenced my approach early on. Maybe

The first release of WiFi Explorer Pro for Windows is now available at intuitibits.com/products/wifie…