Jason Ostrom

@securitypuck

Followers
960
Following
288
Media
13
Statuses
228

Instructor and Author @SANSInstitute | Blue & Red Team | GoLang & Terraform | Builder of things | Husband & Father | #NHL #NFL | @[email protected]

Phoenix, AZ
Joined August 2008
@securitypuck
Jason Ostrom
3 years
I’m super pumped to release v1.0 of my free Azure security tool (PurpleCloud) in the hopes that it will be useful to the InfoSec community evolving the so-called “Purple Teaming” in the cloud! Website:
10
89
360
@securitypuck
Jason Ostrom
3 months
RT @SANSOffensive: 📣 Registration is OPEN for Hack & Defend Summit! Join @Steph3nSim & @SecHubb on Oct 28-29 in Austin, TX, when Red & Blu….
0
7
0
@securitypuck
Jason Ostrom
9 months
I just published this article - "Sentinel for Purple Teaming". Automates logging configuration to Sentinel. AD deployment. Explores different Managed Identities from a pentester lens. #CloudSecurity #Azure #pentest #PurpleTeam.
1
11
18
@securitypuck
Jason Ostrom
11 months
You can run injects of user behavior and create the telemetry that will make your training very realistic. "GHOSTS Playground" is released under a permissive MIT license, allowing you control over what you do with it. Roll up your sleeves and check it out! PRs welcome and.
0
0
0
@securitypuck
Jason Ostrom
11 months
Use this to conduct your own research for building out NPCs using LLMs. Build your own pentest learning lab, or use it to create a Purple Teaming lab or class. I've focused on the API and building out three options to use the NPC endpoints.
1
0
0
@securitypuck
Jason Ostrom
11 months
Cobbled together with terraform, bash, and powershell, it pushes the resources into your own AWS account. Destroy it when you’re done! On top of GHOSTS, this little cyber range environment builds an Active Directory Forest on a DC, domain joins a client, adds an Elastic.
1
0
0
@securitypuck
Jason Ostrom
11 months
For those wanting to experiment with GHOSTS: I’ve created a “security playground” that automatically builds the GHOSTS server and a GHOSTS client system.
1
0
0
@securitypuck
Jason Ostrom
11 months
GHOSTS includes an API that is exposed and allows Admins to run injects of user application behavior. Dustin has also added some capabilities and research allowing integration of LLMs and Generative AI tools like ChatGPT, to help create these NPCs and their behaviors.
1
0
0
@securitypuck
Jason Ostrom
11 months
GHOSTS is an InfoSec framework that creates non-player characters (NPCs) that can be programmed to do things on the network that any human would do, like web browsing, email, running other apps. Created by researchers at Carnegie Mellon University like @dustinupdyke, it adds.
1
0
0
@securitypuck
Jason Ostrom
11 months
Releasing this security lab environment called "GHOSTS Playground" - it implements the "GHOSTS framework" - what is GHOSTS? Read on. #purpleteaming #pentest
1
1
1
@securitypuck
Jason Ostrom
1 year
RT @SANSOffensive: In this modern age, battles are fought on many fronts. In Chapter 1 of the Aviata Cloud Solo Flight Challenge workshop s….
0
3
0
@securitypuck
Jason Ostrom
1 year
Changes:
* Added TLS hosting with new Caldera 5.0 VueJS app. Fixed an issue missing in Caldera docs preventing remote hosting.
* Verified proper API for sending abilities against an agent. Added to terraform cheat sheet.
* Removed Prelude Operator.
1
0
1
@securitypuck
Jason Ostrom
1 year
Just released an update to my Adversary-as-Code automated security lab. But seriously :-). Updated to latest Caldera 5.0 update. Added API cheat sheet in terraform for sending abilities. Been playing with sending techniques over an API, lots of potential here for automation +.
1
2
8
@securitypuck
Jason Ostrom
1 year
RT @_wald0: In this blog post: ● My analysis of the Midnight Blizzard breach affecting Microsoft. ● Step-by-step explanation of the attack….
0
186
0
@securitypuck
Jason Ostrom
1 year
RT @helpnetsecurity: Automated Emulation: Open-source breach and attack simulation lab - - @securitypuck @github #O….
0
4
0
@securitypuck
Jason Ostrom
1 year
Mozilla sops is an open source secrets manager that works really well. Orgs with a large number of repositories have to solve the problem of securing all secrets at scale:
0
1
4
@securitypuck
Jason Ostrom
1 year
@trufflesec Created this awesome tutorial for Rotating different Secrets:
1
2
8
@securitypuck
Jason Ostrom
1 year
Remember that compromised developer accounts in a GitHub Enterprise can be abused for scanning and enumerating secrets, especially in a large DevOps environment. Simple "Member" in GitHub Enterprise allows this. Secrets can be used for lateral movement in cloud.
1
0
3
@securitypuck
Jason Ostrom
1 year
GitHub Gist to scan repos at scale using TruffleHog. Remote Scan, Only Verified flag to show verified creds:
1
3
5
@securitypuck
Jason Ostrom
1 year
Thank you @trufflesec for the golden awesomeness of #TruffleHog. I'm amazed at the capabilities of this tool for secrets scanning at scale. Client Pentest: Scanned 500 GitHub Enterprise repositories. GitHub Gist below for a bash script that uses #TruffleHog.
3
3
45