#hack100days Day 1: Enumerate targets in a web application CTF. Explore potential sqli points. Look at SSTI for Werkzeug. Look at SSRF candidate. (dafuq is a gunicorn?)

Making a run at 100 days of hacking. Not setting a super high bar. Minimum, critically read a security article and take notes. Max, hands on keyboard and write/edit a script, hack on a ctf or lab box, work on a hacking workflow. #hack100days

A question for the
#ICS #Cybersecurity
shared brain... ...any 8- to 12-port lab-worthy switches capable of SDN I should take a look at? I'm exploring how to demo SDN controlling network access in an OT/ICS subnet.

There needs to be more than a "backlash": https://wapo.st/4c1ttS8

He's saying the quiet part aloud, now: https://x.com/AccountableGOP/status/1817010508072882202

#SubTweetOfTheDay "Paving the cowpath as a strategy, but in the cloud with AI." #HackersStillGonnaHack #PatchYourShit #TurnOffUneccessaryServices #CyberAllTheThings

Anyone got link(s) to current articles on wifi pentesting? In particular, why can I get handshakes from known ssids, but the handshakes for hidden ssids don't seem to be usable to tooling used to extract hashes. Is there a newer tool I'm not in the loop on? I also tried out mdk4 to work out the name of a hidden ssid. Is that old and busted? I there new hotness? #WifiPentesting #RedTeam #CoSoSec

This is Important: https://sfba.social/@markmetz/111852364635255398 #ChristoFascistsOut #SeparationOfChurchAndState

Hey, Hive Mind. Got any opinions on Oak Haven Resort in Tennessee?

https://www.threads.net/@stonekettle/post/C2KtfHOrCwR #politics #neverTrump

It's getting near time to give up on tv shows and movies--the streaming services I went to because cable was getting ridiculous are now getting ridiculous.

certiorari... This word is hurting my brain. Is it cert-iorari, certi-orari, certior-ari, or something else?

For anyone who was watching this... Someone pointed this out: https://github.com/gloxec/CrossC2 Haven't tried it yet, though.

Any CS operators have pointers to Linux beacons? I’m getting ready for CRTO and was doing an HtB lab as prep—but initial compromise is a linux box! LOL. #RedTeam #InfoSec #CobaltStrike

I've got a blog on infosec.press: infosec.press/beveragenotes/ It's random musings about whisky or other beverages. It's pretty green, so don't expect too much for a while. I'm targeting a musing every couple of weeks. After I get more writing under my belt, I'll explore getting some actual infosec stuff out--roll up some of my social media posts, explore some things that have been bugging me, etc. In the mean time, enjoy! (Or don't, I'm not your dad and I'm doing this one for me.) #AmWriting

Yay! USWNT ties it up on a brilliant header by Horan! #USWNT #WomensWorldCup #Footie #Soccer

From my Mastodon feed: https://www.theverge.com/2023/5/22/23732497/twitter-bug-restoring-deleted-tweets-retweets Some of my tweets and retweets have returned. "bug"

@CoSoTips Is there a way to turn off the CoSoCom Radio Scanner w/out dropping into Ostrich Mode?