Pinned post

Hello friends! I'm excited to announce that my intro course on webapp pentesting, PWST, is live! And for today, Fediverse friends, if you use the code FEDI30 at checkout, you'll get 30% off! academy.tcm-sec.com/courses/pr

bersecurity

Pinned post

Hello, Fediverse! I'm Taggart. I'm a threat hunter by day. At night, I do infosec and programming education on Twitch. I'm a serious open source advocate dedicated to social justice. Glad to be here!

On tonight's , we're going to try to perform some static/dynamic analysis of period trackers, to learn just what's going on with these things! Admittedly new territory for me, so let's learn together live at 5PM Pacific! twitch.tv/mttaggart

Taggart boosted

A reminder when talking to people making shitty fascist, *phobic or fundamentalist christian arguments:

Do not engage with the specific arguments they are using. There isn't any part that they aren't willing to concede without changing anything, they just pull something else out of their ass and ignore it. You waste time and energy 'winning' an argument about something that they don't actually care about.

uspol 

Planned Parenthood and the ACLU are great of course, but here's a list of orgs in each state you might consider: donations4abortion.com/funds-b

Show thread

uspol 

Okay, I can't do much right now, but I can do this:

If you provide me proof (via DM) of a donation >= $20 USD to an organization that provides abortion support here in the US, I will provide a free voucher code for the PWST course.

academy.tcm-sec.com/p/practica

Taggart boosted

On today's , the forecast is mostly cloudy with a chance of malware! We're exploring Azure Sentinel and Microsoft's own training materials. This will be a great intro for anyone new to Azure! Join us live at 10 AM Pacific! twitch.tv/mttaggart

A surprise release? That's right, we pushed to prod on a Friday.

v1.3.0: "Tamahagane". This release updates the agent to work with recent changes in Notion's API. Plus:

#️⃣ getsystem/rev2self commands for Windows!

github.com/mttaggart/Offensive

When you start putting your work out there, you will get questions like "Why don't you just X?" Or "Why don't you do it Y way?"

If you're like me, you'll jump to thinking you're wrong. And maybe you get a little defensive.

Different ≠ wrong or right. Many methods can work.

Hey, friends! Simon, the developer of the premiere open source web proxy, ZAP, is no longer supported by his company to develop this critical tool. I just sponsored him to continue development, and if you can, I encourage you to do the same! zaproxy.org/blog/2022-06-17-he

It's that time again! Once more, our Discord will be playing Black Hills Information Security's "Backdoors and Breaches" this Friday, June 17th, at 5PM Pacific! If you want to learn what this incident response simulation game is all about, come join us! discord.gg/K8nzZU7q

On today's , we're revisiting some binary exploitation basics! Join us for a refresher on stack/buffer overflows, a little ROP, Rizin, Cutter, and pwntools! Live at 5PM Pacific at twitch.tv/mttaggart

Here's an reality you won't learn in CTFs:

Not every app you test will have crits. Your job isn't to find the flag; it's to find vulnerabilities. That doesn't mean there definitely is an RCE waiting for you.

Also, give praise to devs when they get it right!

I can count on one hand the number of times "enterprise" support has been worth more to me than the ability to read and respond to logs.

After months of frustration, I finally got Packer to play nice with Proxmox and Windows Autounattend configs.

Taggart boosted

Replace every article about Elon Musk with an article about someone fixing/maintaining important infrastructure. A person repairing buses. A person repairing and tweaking wheelchairs. A person tending to a community garden.

Look I just think if you're going to build the machines that shape civilization, a couple of semesters of history and moral/political philosophy wouldn't hurt.

On today's , we do that which I do not enjoy, but must explore anyway: memory analysis! Come join the investigation as we use Volatility and MemProcFS to solve crimes, live at 10AM Pacific! twitch.tv/mttaggart

The sysadmin urge to burn down the entire virtual lab and start over.

Been a little quiet on here recently due to split focus. But! I'm here for weekly Ws and Gratitudes. Tell me what you accomplished or what you're grateful for this week!

I'll start by thanking my work team for the patience and latitude to deep dive new topics and technologies in support of our mission.

Show older
Fosstodon

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.