Imposter Syndrome is real, but you can take it multiple ways:.1) Out of any group, there is always something to learn.2) Out of any group, there is knowledge that only you have. Share it!. Be excellent to each other, always be learning, and always share!

RT @TrustedSec: Chrome Remote Desktop can offer red teamers a subtle way to bypass restrictions—if they know how to use it. In this blog, @….

RT @Wietze: 🆕 Recent additions to . • shell32.dll,#44 for DLL execution.• PhotoViewer.dll for INetCache download.•….

RT @Laughing_Mantis: Truly humbled to share I had the honor of being a guest on the legendary @DarknetDiaries. We talked about some wild st….

Anyone using Kubernetes at your company? You should strongly consider this class, if so. Jay does a fantastic job outlining the realistic risks and defenses, with lots of actionable take-away lessons.

RT @harmj0y: Happy Friday! @tifkin_ and I are happy to announce that we have cut the release for Nemesis 2.0.0 - check out the CHANGELOG fo….

RT @RachelTobac: Now Scattered Spider is claiming they’re focusing on hacking aviation and transportation companies. Hawaiian Airlines and….

RT @dinodaizovi: This may highly indicative of where AI currently has the most utility: broadly scaling at the lower-end. It isn't going to….

RT @mubix: I have two super powers that have made me successful in my career. 1) I’m really good at asking for help.2) I also know how to….

RT @soolidsnakee: ClickFix is everywhere, checkout our newest research. #malware #ghostpulse #reverseengineer #clickfix.

RT @mcohmi: Been using this for a little while and this is what you requirements.txt conservatives should move to.

As today is Father's Day (not Fathers' Day), I propose all fathers have a tournament to find out whose day it *really* is. Note: If I'm drawing up the brackets, I'm putting @HackingDave on the opposite side of me 😂.

Smells like authenticated (as any user) RCE as SYSTEM. So not quite MS17-010 levels of bad (as that requires no authentication), but definitely "Domain User becomes Domain Admin in one step" levels of bad, if this is weaponized.

RT @brutecat: Leaking the phone number of any Google user.

Groundhog Day is here again. Or perhaps it never left? 🤔.

RT @naumovax: Just look at my happy face :).So, my speech ended, thank you very much for coming and listening! I hope it was interesting 😇….

RT @badsectorlabs: MATCH (c1:Computer)-[:MemberOf*1. ]->(g:Group) WHERE g.objectsid ENDS WITH '-516' WITH COLLECT(c1[.]name) AS dcs MATCH (….

Hot take: Creds in company-wide file shares is a bigger risk to most orgs than all internal CVEs combined.

RT @Recon_InfoSec: @jeffmcjunkin If you're not registered yet, it's free. Join here:

RT @Recon_InfoSec: Thursday is approaching! Join us tomorrow at 12:30 CT for #ThursdayDefensive to discuss using #AI to learn faster, with….

RT @_EthicalChaos_: A little while ago I tweeted about a potential BOF-PE design. So here it is, a new design that includes a fully linked….