Evan Pena
@evan_pena2003
Followers
912
Following
157
Media
7
Statuses
137
🔥🤖Excited to share a new blog I co-authored with @h4wkst3r and @kulinacs - Automating the Operator: Integrating LLMs into Offensive Security https://t.co/IHSse3iiM6 We show how LLMs make offensive work more operationally useful, introduce 2 new MCP servers, and an NTLM
armadin.com
LLMs can streamline reconnaissance, automate data enrichment, assist with repeatable attack path chains, and significantly reduce friction in triage and reporting.
1
38
111
LLMs are force multipliers for offensive security, and our red team has the proof. Read our latest blog on how LLMs are changing the way we build offensive capabilities, then hear it live at #RSAC26 on March 24!
armadin.com
From autonomous agents to automated exploit dev, see how LLMs are revolutionizing the way offsec teams build tools and scale offensive capabilities.
0
2
10
What happens when AI can reason through systems more like an attacker? In our latest Builders episode, @travis_lanham_ and @evan_pena2003 from Armadin talk through how AI could change offensive security and help teams stay ahead of cyber threats.
2
5
20
Today @ArmadinSecurity comes out of stealth. I spent my career breaking into systems organizations believed were secure. Now that expertise runs continuously at scale through agentic AI uncovering real attack paths across environments. 🚀
Armadin launches today with the largest combined Seed + Series A in cybersecurity history. AI-driven hyperattacks are here and human-led defenses can't keep pace. Meet the ultimate attacker: a swarm of AI agents built to prove what's actually exploitable before it is.
0
4
19
One of the most effective ways that organizations can prepare for cyberattacks is to be attacked — by a friend. -
cloud.google.com
What can you expect from a red team engagement? A Mandiant red team leader explains how the process can make organizations even more secure.
0
6
27
I love COMpromising COMputers 🔥 Do you? https://t.co/8u2SqJzJCp
1
8
48
As some of you may know, #CobaltStrike beacons can be detected using ETW. For CCDC our team built and used BeaconHunter to detect and respond to these threats. Github: https://t.co/NYryallQMI We were able to kill +210 beacons (~70% automated) and monitor their behavior like...
github.com
Detect and respond to Cobalt Strike beacons using ETW. - 3lp4tr0n/BeaconHunter
7
207
506
#StateOfTheHack: Extortion, Ransoms and the Wonderful Life of Red Teaming
1
8
19
UNC897 still has Red Team internship openings in Dallas (remote)!
0
17
39
Hot off the press: Shining a Light on SolarCity: Practical Exploitation of the X2e IoT Device @FireEye #redteam two part #blog walking through embedded device attacks! #embeddedsystems #IoT
https://t.co/jNkZnwhMlh
https://t.co/ApPjHKBdiB
cloud.google.com
0
7
12
#StateOfTheHack: Apex Predators: Inside OpSec Strategy
0
7
21
We're streaming the latest #StateOfTheHack episode ft. hosts @evan_pena2003 & @x64_Julian at 11am PT/2pm ET today. This episode will focus on the idea of operational security ("OPSEC") from an attacker's perspective.
2
6
13
It’s that time again! #StateOfTheHack will be streaming today! All episodes of State of the Hack are prerecorded so we hope you enjoy this holiday themed episode ft. Dirk-jan Mollema discussing Azure AD and Primary Refresh Tokens at 12pm PT/3pm ET today.
0
10
20
I often get asked "what can I do to get into red teamer or enhance my skills"? #hackthebox just released a new pro "APTLabs" which includes: "Ability to compromise networks without using any CVEs"; very practical IMO. #penetrationtesting #redteaming
https://t.co/3oK7MdUTUY
1
5
20
Nice work @PhillipWylie
"The Pentester BluePrint: Starting a Career as an Ethical Hacker" is shipping from Wiley. Several people have received a shipping notification and some actually have received their books. https://t.co/xbsNhKX9FP
1
0
3
cloud.google.com
1
17
49
Check out our latest episode of #StateOfTheHack! We will be releasing a #blogpost and tool along with this episode so stay tuned!
We're streaming the latest #StateOfTheHack episode ft. hosts @evan_pena2003 & @x64_Julian and their guests @h4wkst3r & @AndrewOliveau today @ 11am PT/2pm ET. They'll discuss what VBA purging is, the difference between purging & stomping, & the consequences of this technique.
1
3
9
Such an honor to be a host on #StateOfTheHack
Our industry keeps evolving & so does #StateOfTheHack. We want to thank @ItsReallyNick & @cglyer for 3 seasons as the hosts. And we're excited to announce our news hosts: @doughsec + @BakedSec & @x64_Julian + @evan_pena2003. We'll stream the 1st episode tomorrow @ 11am PT/2pm ET!
0
0
7
Want to see how the @Mandiant red team weaponizes @FireEye threat intel for R&D and TTP development? Check out some research I did with @evan_pena2003 and @FuzzySec. Also includes some new executables that can be used for DLL abuse.
3
116
222