home.social

#redteam — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #redteam, aggregated by home.social.

  1. What is Web Security and Web Penetration Testing Tools

    In this article, I cover essential web penetration testing tools and how they fit into different stages of the assessment process.
    denizhalil.com/2024/12/19/web-

    #CyberSecurity #WebSecurity #Pentesting #BurpSuite #Nmap #SQLMap #BugBounty #RedTeam #InfoSec #EthicalHacking #SecurityTools #DenizHalil

  2. ----------------

    🛠️ Tool
    ===================

    claude-osint is a paired set of skills for the Claude skills system, built by ElementalSoul (GenAI Security Research). Rather than a standalone script, it integrates into Claude's skill infrastructure, providing structured tradecraft for external reconnaissance during authorized red-team and bug-bounty engagements.

    The project delivers two SKILL.md files you drop into ~/.claude/skills/:
    • osint-methodology (455 lines): Strategic and procedural. Covers asset-graph discipline, severity rubric, time budgeting with four profiles (1h, 4h, 1d, 1w), identity-fabric mapping, and deliverable templates.
    • offensive-osint (4,168 lines): Tactical arsenal. Probe paths, regexes, payloads, scoring rules, curl one-liners, and tool URLs.

    Together they cover 90+ modules across 12 domains.

    Reconnaissance & Asset Discovery includes a 5-stage pipeline with time-budget profiles, subdomain enumeration via crt.sh with a 7-source fallback chain (handles crt.sh 502s), common-prefix sweeps in PowerShell and bash (100+ prefixes), Wayback CDX deep mining with legacy-app pivots targeting .asp/.php/.jsp/.cfm, WHOIS/RDAP and historical-WHOIS with reverse-WHOIS pivots, public records lookups (OpenCorporates, SEC EDGAR, GSXT, Rusprofile, Companies House), and bulk IP-to-ASN correlation via Cymru, RIPEstat, bgp.tools.

    Identity & SSO Mapping covers Microsoft Entra (Azure AD) tenant fingerprinting with GUID extraction, M365 deep enumeration (Teams federation, SharePoint, OneDrive, OAuth, device-code phishing), Autodiscover IP correlation for passive M365 confirmation even when MX records are wrapped by Mimecast/Proofpoint, Okta tenant slug and /api/v1/authn user enumeration, ADFS fingerprinting with mex endpoints, Google Workspace OIDC discovery, generic OIDC providers (Auth0, Keycloak, Ping, OneLogin, Duo), SAML metadata across 5 paths, and AWS account-ID extraction from headers and ARN regexes.

    Web Application Attack Surface covers Swagger/OpenAPI discovery across 28 paths, GraphQL discovery and introspection across 13 paths, field-suggestion enumeration when introspection is disabled, alias batching and depth bypass, and 15 always-on HTTP checks (.git, .env, actuator, heapdump).

    Additional capabilities: 48 secret-regex patterns, 9 read-only credential validators, 27 attack-path templates, secret_scan.py (stdlib-only), h1_reference.py (HackerOne disclosed-reports agent).

    Self-reported: 96.9% pass on 32-prompt evaluation, 85-90% estimated practitioner coverage. Four end-to-end walkthroughs included. Metrics are self-reported and lack independent verification. Claude-specific, authorized-use only.

    🔹 tool #OSINT #redteam #claude #reconnaissance

    🔗 Source: github.com/elementalsouls/Clau

  3. ----------------

    🎥 Video
    ===================

    Jason Haddix delivered a talk at NDC Security 2026 in Oslo titled "Attacking AI," presenting findings from Arcanum's AI security assessments conducted in 2024 and 2025.

    The core contribution is a 7-point methodology for assessing AI-enabled systems, specifically those that connect LLMs to web applications and internal tools. This is distinct from academic AI red teaming, which often focuses on getting frontier models to produce policy-violating outputs in isolation. Haddix emphasizes that real-world AI assessments involve integrated systems where the LLM is a component, not the entire attack surface.

    Key technical points:
    • The methodology addresses the gap between academic prompt injection research and practical assessment of production AI systems
    • Arcanum released a prompt injection taxonomy as a resource for testers, categorizing attack vectors specific to LLM-integrated applications
    • Haddix drew on experience from AI CTFs, notably the Bad Words competition run by the Bossy Group, who operate the "Ply the prompter" jailbreak methodology and routinely break frontier models within 24 hours of release
    • The CTF context involved getting safety-tuned models to produce prohibited outputs (drug synthesis, explicit content), which maps to the bypass techniques relevant to production assessments

    Practical implications:

    The distinction between academic red teaming and production assessment is substantive. In production, the LLM is connected to data stores, APIs, and user-facing interfaces. Attack vectors expand beyond pure prompt engineering to include context manipulation, RAG poisoning, and privilege escalation through the LLM's integrations.

    The taxonomy and methodology are positioned as practitioner resources rather than theoretical frameworks, which fills a genuine gap. Most publicly available AI assessment content leans academic.

    Haddix has 21+ years in offensive security and transitioned to AI assessments roughly two years ago when existing pentest clients began integrating LLMs into their applications.

    🔹 AI_Security #PromptInjection #RedTeam #LLM #Arcanum

    🔗 Source: youtube.com/watch?v=j51uMah-3js

  4. OK, I've now implemented all the theme changes. In a couple of days I'll implement the code changes and start loading the data and testing it. I'll need 2 or 3 beta testers to help me troubleshoot problems and give me advice before launching the live beta. learn2hack.today/ #offensivesecurity #redteam #ctf #hackinghistory #learn2hack #mentoring #mentor If you're interested in being a mentor and want to take part in the beta test, fill out the form at the site link and contact me privately

  8. HackTheBox. Mini Pro Lab Puppet walkthrough

    You have been tasked with conducting a penetration test of Puppet Inc. The company does not allow data to be sent outside the internal network, so a command and control (C2) server has been set up inside the company, and an employee has run malware to simulate a successful social engineering attack. Puppet is a small Active Directory scenario in which you start with an already running Sliver C2 beacon on an internal system. It is designed for practicing work within C2 infrastructure in a modern, complex hybrid environment. Puppet is designed for penetration testers and red teamers looking for a quick, challenging lab with C2 infrastructure already set up for practicing C2 operations. This "Red Team Operator Level I" lab will introduce players to the following topics:
    - Enumeration
    - Active Directory enumeration and attacks
    - Exploiting DevOps infrastructure
    - Lateral movement
    - Local privilege escalation
    - C2 operations

    habr.com/ru/articles/1039202/

    #hackthebox #htb #redteam #redteaming #pentest #pentesting

  12. ok I deployed all the theme changes, in a couple days will deploy the code changes. and will start to populate data and test that, I will need 2-3 beta testers to help me troubleshoot issues and give advice before going live-beta learn2hack.today/ #hackers #hackerculture #offensivesecurity #redteam #ctf #hackinghistory #learn2hack #mentoring #mentor if interested in a mentor and willing to beta test please fill up form in the site link and contact me in private. #HappyHacking

  17. 🍵 HTB Help Walkthrough 🍵

    Learn how to perform:
    - GraphQL Enumeration
    - File Upload Exploitation
    - Kernel Exploitation

    🎬️Watch it here:
    youtube.com/watch?v=6XB-M3DajRU

    #HTB #HackTheBox #OSCP #Pentesting #EthicalHacking #Cybersecurity #RedTeam #CTF

  19. “Thinking like an attacker” is useful — but it has downsides.

    Over time, security people stop seeing products normally. Interfaces become attack surfaces, APIs become trust boundaries, and every feature becomes a possible abuse case.

    That mindset helps find risks, but in excess it turns into constant paranoia.

    Mature security thinking is not about seeing disasters everywhere.

    It’s controlled skepticism and balance.

    #it
    #security
    #development
    #app
    #RedTeam
    #thought

  20. 🔴 A penetration test finds vulnerabilities.
    Red Teaming shows whether attackers can actually bypass your defences.

    👉 7asecurity.com/blog/2026/05/re

  21. Frameworks for testing AI and cybersecurity benchmarking

    Want to know how to test an AI and find out whether it is secure or usable in cybersecurity? 🤖🛡️

    - Two main focuses:
    • Testing the AI to find vulnerabilities in the model (finding flaws, prompts that leak, or unwanted behaviors).
    • Running a benchmark to assess whether this AI can be used in the cybersecurity field, especially...

    #IA #CyberSegurança #RedTeam #Vulnerabilidades #Benchmark #Segurança #MorningCrypto

  23. Released v1.3.3. of #Yaralyzer, my surprisingly popular tool for visualizing YARA rule matches with colors (a lot of colors).

    1. --export-png images lets you export images of the analysis

    2. almost all command line options (including multi argument ones like --yara-rules-dir) can be permanently set via environment variables or .yaralyzer file

    3. couple of small bug fixes and debugging related command line options

    You can try it on the web here: yaratoolkit.securitybreak.io/
    (I didn't build this website, Thomas Roccia from Microsoft just integrated Yaralyzer into his existing site)

    - Github: github.com/michelcrypt4d4mus/y
    - Pypi: pypi.org/project/yaralyzer/
    - on macOS you can also get it with #Homebrew by installing Pdfalyzer: brew install pdfalyzer

    #ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #GPL #hacking #infosec #KaliLinux #maldoc #malware #malwareAnalysis #malwareDetection #openSource #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #YARA #YARArule #YARArules

  28. forgetting to change web admin credentials during red v blue event and just getting absolutely blasted for 5 hours straight

    tl;dr: I choked CCDC quals, AMA

    #infosec #ccdc #redteam #blueteam

  31. CW: meta

    Out in Lisbon, talking SP security with our telecomms teams. A nice mix of red, blue, architecture and engineering.

    #gtp, #ss7, #diameter, #mpls, #srv6, #telcocloud, #redteam, #blueteam

  32. Linux Privilege Escalation Cheat Sheet: Techniques and Prevention.

    In this cheat sheet, I break down essential enumeration commands, common escalation paths, and practical techniques every security professional should know.
    denizhalil.com/2025/06/30/linu

    #CyberSecurity #LinuxSecurity #PrivilegeEscalation #Pentesting #RedTeam #BlueTeam #InfoSec #ethicalhacking #SecurityEngineering #itsecurity

  33. UDP Network Monitoring with C++: A Comprehensive Guide

    In this guide, I demonstrate how to build a UDP packet sniffer in C++ using raw sockets, parse packet headers, and extract key data like source/destination IPs and ports.
    denizhalil.com/2025/07/14/udp-

    #CyberSecurity #NetworkMonitoring #PacketSniffer #UDP #Cpp #NetworkSecurity #InfoSec #BlueTeam #RedTeam #InfoSec #securityengineering #denizhalil

  34. Python C2 Server for Red Teaming: A Comprehensive Hands-On Guide

    In this guide, I walk through building a Python-based C2 server, covering its architecture, encrypted communication, and real-world operational workflow.
    denizhalil.com/2025/12/15/pyth

    #CyberSecurity #RedTeam #C2 #commandandcontrol #Python #offensivesecurity #Pentesting #infosec #threatdetection #blueteam #securityengineering #ethicalhacking