Defcon book haul! A lot of other ones I wanted to pickup, only so much space in my suitcase, though lol

Opportunity here to work with the best talent in the industry.

Can we call it vibe engineering when you actually integrate software development processes like test first dev, integration checks, sprints etc There is a big difference between someone who knows how to make software using cursor. And someone who doesn't....

Anyone know good sources for learning ARM exploit dev. Its all going that way and I would like to be ahead of the curve instead of being stuck in 32 bit land and windows xp lol

While playing DEF CON CTF Finals with Shellphish I managed to solve the ICO challenge using LLMs (GPT5 + Cursor) and almost no human intervention. You can read how I did it here! wilgibbs.com/blog/defcon-fi…

The world isnt ready for the polymorphism of worms running as AI agents. That sure is a nice claude cli you have on your computer there.

With the OSC3E done, that is a multi year goal out of the way, and the highest mountain i could find climbed. I am feeling kind of lost. I guess it's now time to transition into competing as a primary goal. Does anyone know a good ctf team with a spot open? Maybe other

Today I learned about the Pyramid of Pain. It shows the effort attackers face when defenders block different IOCs. Hashes are easy to change, but blocking a tool or tactic causes real disruption. Most importantly, it has a cool name!

I don't know what I expected

Good morning everyone, half way thru the week! Reminder that social media can be very toxic. Compare yourself to who you were yesterday, not who someone else is today.

The more I learn about Android, the more I am thankful for how much effort has gone into the secure by design nature of the platform.....

New free tool released this week to help admins get control of their applocker policies. If you’ve tried it let me know!

Just bought my ticket for BSidesRDU If you happen to be going, I would love to meet up and say hi!

Today I learned about AI DoS “Sponge” attacks. By crafting special inputs, you can maximize the amount of computations required and increase output token length. This is commonly done by manipulating the tokenization process. As an Example: Normal query: Hello world → 2 tokens

Why are they called function arguments?