fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software. If you wish to join, contact us for an invite.

Administered by:

Server stats:

8.8K
active users

#blueteam

11 posts11 participants1 post today
Helga Secures All the Things<p>If you've got cybersecurity knowledge to share and are new to conference presenting, I'd heartily encourage you to consider applying to present at ComfyConAU. I've attended and have to say it's the most wonderful, diverse online conference I have been to, with a warm, inclusive community. The presentations I've seen there range from highly technical and tools-based hacking and defence, through to broad concepts to auditing and compliance to community topics. </p><p>Give it a go and never mind the timezone - you can get up early or stay up late!</p><p><a href="https://ioc.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://ioc.exchange/tags/conference2025" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>conference2025</span></a> <a href="https://ioc.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://ioc.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://ioc.exchange/tags/ICS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ICS</span></a> <a href="https://ioc.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteam</span></a> <a href="https://ioc.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>purpleteam</span></a> </p><p><span class="h-card" translate="no"><a href="https://infosec.exchange/@ComfyConAU" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ComfyConAU</span></a></span></p>
Lenin alevski 🕵️💻<p>New Open-Source Tool Spotlight 🚨🚨🚨</p><p>OpenVAS Scanner is an open-source vulnerability scanner used to assess system security by identifying weaknesses in networks, servers, and applications. It's part of the Greenbone Vulnerability Management suite, leveraging a regularly updated feed of known vulnerabilities. <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/VulnerabilityScanner" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VulnerabilityScanner</span></a></p><p>🔗 Project link on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GitHub</span></a> 👉 <a href="https://github.com/greenbone/openvas-scanner" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/greenbone/openvas-s</span><span class="invisible">canner</span></a></p><p><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Software</span></a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CTF</span></a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecuritycareer</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>purpleteam</span></a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tips</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloudsecurity</span></a></p><p>— ✨<br>🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️</p>
No Starch Press<p>Surprise! Another special edition coming to <span class="h-card" translate="no"><a href="https://mastodon.social/@defcon" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>defcon</span></a></span>: Practical Purple Teaming lays out real-world methodologies for joint attack/defense testing. </p><p>Run modern threats in a safe lab, tune detection, and sharpen your response—using the same free tools teams rely on every day.</p><p><a href="https://mastodon.social/tags/DEFCON33" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DEFCON33</span></a> <a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mastodon.social/tags/PurpleTeam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PurpleTeam</span></a> <a href="https://mastodon.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://mastodon.social/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://mastodon.social/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteam</span></a></p>
Lenin alevski 🕵️💻<p>New Open-Source Tool Spotlight 🚨🚨🚨</p><p>Wstunnel lets you tunnel TCP traffic over secured WebSockets. It's useful for bypassing restrictive firewalls or exposing services through HTTP(S). Acts as a lightweight proxy without requiring root privileges. <a href="https://infosec.exchange/tags/networking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>networking</span></a> <a href="https://infosec.exchange/tags/WebSockets" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WebSockets</span></a></p><p>🔗 Project link on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GitHub</span></a> 👉 <a href="https://github.com/erebe/wstunnel" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/erebe/wstunnel</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Software</span></a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CTF</span></a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecuritycareer</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>purpleteam</span></a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tips</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloudsecurity</span></a></p><p>— ✨<br>🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️</p>
Lenin alevski 🕵️💻<p>New Open-Source Tool Spotlight 🚨🚨🚨</p><p>Volatility 3 rebuilds memory forensics with a modular, Python-based architecture. It supports multiple operating systems, extends functionality with plugins, and simplifies analysis in incident response scenarios. <a href="https://infosec.exchange/tags/DigitalForensics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DigitalForensics</span></a> <a href="https://infosec.exchange/tags/MemoryAnalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MemoryAnalysis</span></a></p><p>🔗 Project link on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GitHub</span></a> 👉 <a href="https://github.com/volatilityfoundation/volatility3" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/volatilityfoundatio</span><span class="invisible">n/volatility3</span></a></p><p><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Software</span></a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CTF</span></a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecuritycareer</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>purpleteam</span></a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tips</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloudsecurity</span></a></p><p>— ✨<br>🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️</p>
mkj<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@aria" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>aria</span></a></span> I haven't looked at it in detail but I'm pretty sure you want to check out <a href="https://www.humblebundle.com/books/pentesting-hacking-toolkit-packt-books" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">humblebundle.com/books/pentest</span><span class="invisible">ing-hacking-toolkit-packt-books</span></a></p><p><a href="https://social.mkj.earth/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.mkj.earth/tags/EthicalHacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EthicalHacking</span></a> <a href="https://social.mkj.earth/tags/PenTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PenTesting</span></a> <a href="https://social.mkj.earth/tags/BlueTeam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BlueTeam</span></a></p>
Graylog<p>We know that everyone is excited for <a href="https://infosec.exchange/tags/defcon33" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>defcon33</span></a> (16 days and counting!)... and, we want you to know that the hottest spot at <a href="https://infosec.exchange/tags/defcon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>defcon</span></a> will be the Blue Team Village (BTV)! 🔥 We're looking forward to BTV's CTF again this year—Project Obsidian, plus many other exciting surprises. Oh, and of course you'll be able to find <a href="https://infosec.exchange/tags/Graylog" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Graylog</span></a> in the BTV! 🟦 🙌 </p><p>And speaking of blue teams... let's talk a little bit about blue teaming while we're here. 👍 Our latest blog dives into the essential details you need to know about the groups of security analysts that defend organizations against cyber attacks. 🛡️ </p><p>Read on to learn about:<br>❓ Why you need a blue team<br>🤹‍♀️ The skills that blue teams need<br>👍 Benefits of blue teaming<br>🔵 Blue team exercises<br>🤔 The difference between a blue team and red team in <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a><br>🤝 Why it's important for blue and red teams to work together<br>☑️ An easy-to-implement blue team <a href="https://infosec.exchange/tags/SIEM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SIEM</span></a></p><p><a href="https://graylog.org/post/improving-security-with-blue-team-exercises/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">graylog.org/post/improving-sec</span><span class="invisible">urity-with-blue-team-exercises/</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/blueteamvillage" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteamvillage</span></a></p>
Simon Roses Femerling<p>Red is using AI for sure, but Blues does as well. The AI game is at the same level for both. Use it or lose it. <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
Lenin alevski 🕵️💻<p>New Open-Source Tool Spotlight 🚨🚨🚨</p><p>Firecracker is a lightweight, production-focused virtual machine monitor designed for secure multi-tenant workloads. Its minimal overhead enables high density on bare-metal servers while emphasizing isolation through microVMs. Built by AWS, it's used in services like Lambda and Fargate. <a href="https://infosec.exchange/tags/Virtualization" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Virtualization</span></a> <a href="https://infosec.exchange/tags/MicroVM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MicroVM</span></a></p><p>🔗 Project link on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GitHub</span></a> 👉 <a href="https://github.com/firecracker-microvm/firecracker/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/firecracker-microvm</span><span class="invisible">/firecracker/</span></a></p><p><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Software</span></a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CTF</span></a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecuritycareer</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>purpleteam</span></a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tips</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloudsecurity</span></a></p><p>— ✨<br>🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️</p>
Denny Fischer<p>Prowler is an open-source security tool that helps assess and enforce security best practices across AWS, Azure, Google Cloud and Kubernetes.</p><p><a href="https://github.com/prowler-cloud/prowler" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/prowler-cloud/prowl</span><span class="invisible">er</span></a></p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteam</span></a></p>
Lenin alevski 🕵️💻<p>New Open-Source Tool Spotlight 🚨🚨🚨</p><p>The pspy tool on GitHub provides real-time monitoring of processes on Linux systems. It works without root permissions, making it ideal for auditing cron jobs or investigating unexpected process behavior. Lightweight and flexible. <a href="https://infosec.exchange/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a></p><p>🔗 Project link on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GitHub</span></a> 👉 <a href="https://github.com/DominicBreuker/pspy" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/DominicBreuker/pspy</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Software</span></a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CTF</span></a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecuritycareer</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>purpleteam</span></a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tips</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloudsecurity</span></a></p><p>— ✨<br>🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️</p>
MalwareLab<p>Yesterday I attended <a href="https://infosec.exchange/tags/SOC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SOC</span></a> <a href="https://infosec.exchange/tags/DetectionEngineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DetectionEngineering</span></a> Crash Course with Hayden Covington by <span class="h-card" translate="no"><a href="https://infosec.exchange/@Antisy_Training" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Antisy_Training</span></a></span> </p><p><a href="https://www.antisyphontraining.com/product/workshop-soc-detection-engineering-crash-course-with-hayden-covington/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">antisyphontraining.com/product</span><span class="invisible">/workshop-soc-detection-engineering-crash-course-with-hayden-covington/</span></a></p><p>5 hours workshop (1 hour lab setup with instructor available on Zoom and 4 hours of workshop itself). Pay what you can with pricing starting from $0. Course materials such as setup guide and excellent lab instructions delivered in advance, two days before workshop.</p><p>All you need for the workshop is just the web browser - we use <a href="https://infosec.exchange/tags/MetaCTF" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MetaCTF</span></a> Cloud Windows VM (credits provided by the instructor) and Elastic Security (free trial available for 14 days). <br>Fun fact: I test <a href="https://infosec.exchange/tags/FreeBSD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FreeBSD</span></a> as my host OS and was able to do all of the labs in FreeBSD without any issues</p><p>The content was useful, really Crash course. We started with Windows VM with Sysmon and empty Elastic. After the course, we had Elastic Agent on VM, logs in Elastic, detection rule for <span class="h-card" translate="no"><a href="https://infosec.exchange/@mitreattack" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>mitreattack</span></a></span> Account Discovery: Local Account (T1087.001), suppression of the alerts for particular user. We also tested the detection with Atomic Red Team test.</p><p>In overall, it was very good workshop and I am happy for opportunity to attend it. The usage of "free" cloud infrastructure is inspiring, I will consider it during my next trainings for larger group of students (instead of hosting all of the VMs in our cloud infrastructure) - this way, lot of things can students do again after the training for better understanding of the topic.</p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/education" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>education</span></a> <a href="https://infosec.exchange/tags/training" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>training</span></a> <a href="https://infosec.exchange/tags/antisyphon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>antisyphon</span></a> <a href="https://infosec.exchange/tags/soc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>soc</span></a> <a href="https://infosec.exchange/tags/siem" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>siem</span></a> <a href="https://infosec.exchange/tags/detections" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>detections</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteam</span></a></p>
Nightfighter 🛡️<p>Hiding in the Shadows: Covert <a href="https://social.tchncs.de/tags/Tunnels" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tunnels</span></a> via <a href="https://social.tchncs.de/tags/QEMU" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>QEMU</span></a> Virtualization</p><p><a href="https://social.tchncs.de/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteam</span></a> <a href="https://social.tchncs.de/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://social.tchncs.de/tags/pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pentesting</span></a> <a href="https://social.tchncs.de/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://social.tchncs.de/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> </p><p><a href="https://trustedsec.com/blog/hiding-in-the-shadows-covert-tunnels-via-qemu-virtualization" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">trustedsec.com/blog/hiding-in-</span><span class="invisible">the-shadows-covert-tunnels-via-qemu-virtualization</span></a></p>
Tim (Wadhwa-)Brown :donor:<p>If you suffer a breach, I am absolutely saying you should review and secure your netinf, not just stick a ZT shaped plaster on top of it.</p><p>Especially if you have default creds, ejected MSSP and unauth'd routing protocols in the mix.</p><p><a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteam</span></a>, <a href="https://infosec.exchange/tags/dfir" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dfir</span></a>, <a href="https://infosec.exchange/tags/networking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>networking</span></a>, <a href="https://infosec.exchange/tags/soc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>soc</span></a></p>
Lenin alevski 🕵️💻<p>New Open-Source Tool Spotlight 🚨🚨🚨</p><p>Rudder is an open-source tool for automating system configuration while ensuring compliance in real-time. Its unique selling point? Policy-based management paired with detailed reporting, making it ideal for enterprise-scale environments. <a href="https://infosec.exchange/tags/DevOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DevOps</span></a> <a href="https://infosec.exchange/tags/ConfigurationManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ConfigurationManagement</span></a></p><p>🔗 Project link on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GitHub</span></a> 👉 <a href="https://github.com/Normation/rudder" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/Normation/rudder</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Software</span></a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CTF</span></a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecuritycareer</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>purpleteam</span></a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tips</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloudsecurity</span></a></p><p>— ✨<br>🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️</p>
Risotto Bias<p>Question on perspective - how bad is Fortinet at handling poor code practices, at this point? They're still getting trivial RCEs, poor KEV management, etc.... Where do they stand in the pack and what's that pack look like?</p><p><a href="https://toot.risottobias.org/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fortinet</span></a> <a href="https://toot.risottobias.org/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://toot.risottobias.org/tags/BlueTeam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BlueTeam</span></a> <a href="https://toot.risottobias.org/tags/KEV" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KEV</span></a> <a href="https://toot.risottobias.org/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a></p>
Eddie.<p>Wrapping up an incident knowing I will get to sleep at my normal cadence again ...</p><p><a href="https://infosec.exchange/tags/dfir" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dfir</span></a> <br><a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteam</span></a></p>
Lenin alevski 🕵️💻<p>New Open-Source Tool Spotlight 🚨🚨🚨</p><p>Apache Superset is an open-source data visualization and BI tool. It integrates seamlessly with a wide variety of databases and supports complex SQL queries. Its modular architecture makes scaling easy for both small teams and enterprise use. <a href="https://infosec.exchange/tags/DataAnalytics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataAnalytics</span></a> <a href="https://infosec.exchange/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a></p><p>🔗 Project link on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GitHub</span></a> 👉 <a href="https://github.com/apache/superset" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/apache/superset</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Software</span></a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CTF</span></a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecuritycareer</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>purpleteam</span></a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tips</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloudsecurity</span></a></p><p>— ✨<br>🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️</p>
Tim (Wadhwa-)Brown :donor:<p>Today's observation. If you have a network team with SolarWinds Orion and you're not taking a look at the netflow etc then (assuming you don't have NDR) you should be. There are some nice easy detection use cases to keep an eye on.</p><p><a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteam</span></a>, <a href="https://infosec.exchange/tags/dfir" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dfir</span></a>, <a href="https://infosec.exchange/tags/networking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>networking</span></a>, <a href="https://infosec.exchange/tags/soc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>soc</span></a></p>
infosystir<p>A HUGE thank you to Mental Health Hacker's first PLATINUM sponsor, <span class="h-card" translate="no"><a href="https://bird.makeup/users/blumirasec" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>blumirasec</span></a></span> </p><p>This will enable us to bring even MORE to the <span class="h-card" translate="no"><a href="https://defcon.social/@blueteamvillage" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>blueteamvillage</span></a></span> <br>this year! Our partnership with BTV will enable us to help bring resources, content, and giveaways at <span class="h-card" translate="no"><a href="https://defcon.social/@defcon" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>defcon</span></a></span> this year! See ya'll soon!!</p><p>A Security Tool Your IT Team Can Actually Use</p><p>Blumira simplifies cybersecurity by combining ease of use with powerful protection. We enable teams big and small to defend effectively.</p><p><a href="https://infosec.exchange/tags/defcon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>defcon</span></a> <a href="https://infosec.exchange/tags/defcon33" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>defcon33</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/defensivesecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>defensivesecurity</span></a> <a href="https://infosec.exchange/tags/siem" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>siem</span></a> <a href="https://infosec.exchange/tags/mentalhealth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mentalhealth</span></a></p>