JMFD
@shittalk.ing
Offense Security Consultant @RedSiege | Ice-cream Lover | Kickboxer | Hater of Indiana | Cold Weather Avoider | Pokémon Master | Taller on the Internet
Thanks to everyone who took the O4D training, played my CTF, and attended my workshop at @wildwesthackinfest.bsky.social
I'm exhausted, but I saw enough smiles from folks that it made it all worth it.
See you all next time 😁
I'm exhausted, but I saw enough smiles from folks that it made it all worth it.
See you all next time 😁
February 8, 2025 at 6:33 PM
Thanks to everyone who took the O4D training, played my CTF, and attended my workshop at @wildwesthackinfest.bsky.social
I'm exhausted, but I saw enough smiles from folks that it made it all worth it.
See you all next time 😁
I'm exhausted, but I saw enough smiles from folks that it made it all worth it.
See you all next time 😁
Just landed in Denver for WWHF. If you're around this week. Come find me for a hug or a high five.
I'm the short one.
I'm the short one.
February 3, 2025 at 11:03 PM
Just landed in Denver for WWHF. If you're around this week. Come find me for a hug or a high five.
I'm the short one.
I'm the short one.
I have like seven talents that are completely unrelated in any other field except pentesting.
It's hard work, and the bar is high at @redsiege.com, but I was built for this line of work.
Thankful every day to be where I'm at with a team that goes just as hard.
It's hard work, and the bar is high at @redsiege.com, but I was built for this line of work.
Thankful every day to be where I'm at with a team that goes just as hard.
December 20, 2024 at 2:45 AM
I have like seven talents that are completely unrelated in any other field except pentesting.
It's hard work, and the bar is high at @redsiege.com, but I was built for this line of work.
Thankful every day to be where I'm at with a team that goes just as hard.
It's hard work, and the bar is high at @redsiege.com, but I was built for this line of work.
Thankful every day to be where I'm at with a team that goes just as hard.
I have attempted a DNS Zone Transfer using DNSRecon on every network pentest I've done for the past four years.
Today it worked for the first time.
Which unfortunately now means I'll keep doing it for the next decade never to have it work again.
Today it worked for the first time.
Which unfortunately now means I'll keep doing it for the next decade never to have it work again.
December 5, 2024 at 10:25 PM
I have attempted a DNS Zone Transfer using DNSRecon on every network pentest I've done for the past four years.
Today it worked for the first time.
Which unfortunately now means I'll keep doing it for the next decade never to have it work again.
Today it worked for the first time.
Which unfortunately now means I'll keep doing it for the next decade never to have it work again.
This is the third day in a row I have been up before 7am.
This madness has to stop.
This madness has to stop.
December 1, 2024 at 12:38 PM
This is the third day in a row I have been up before 7am.
This madness has to stop.
This madness has to stop.
I hate the holidays, but we ordered from a place that sells pop culture figures in the style of metal band tees and I had to pickup this one for the season.
November 29, 2024 at 3:23 AM
I hate the holidays, but we ordered from a place that sells pop culture figures in the style of metal band tees and I had to pickup this one for the season.
Reposted by JMFD
Sekoia has published some pretty comprehensive research on how ransomware gangs exfiltrate data from compromised environments.
blog.sekoia.io/ransomware-d...
blog.sekoia.io/ransomware-d...
November 28, 2024 at 5:08 PM
Sekoia has published some pretty comprehensive research on how ransomware gangs exfiltrate data from compromised environments.
blog.sekoia.io/ransomware-d...
blog.sekoia.io/ransomware-d...
Thanksgiving is an awful holiday to celebrate.
But I'm conflicted because I really like all the mashed potatoes and mac n cheese.
But I'm conflicted because I really like all the mashed potatoes and mac n cheese.
November 28, 2024 at 4:43 PM
Thanksgiving is an awful holiday to celebrate.
But I'm conflicted because I really like all the mashed potatoes and mac n cheese.
But I'm conflicted because I really like all the mashed potatoes and mac n cheese.
For one of my side hustles, I opened a Local Game Store a few months ago. We've been grinding away getting ready for Black Friday and for the first time I feel like the store is full. This has been such an awesome building and learning experience. We are as ready as we can be!
November 28, 2024 at 2:53 PM
For one of my side hustles, I opened a Local Game Store a few months ago. We've been grinding away getting ready for Black Friday and for the first time I feel like the store is full. This has been such an awesome building and learning experience. We are as ready as we can be!
The Mall Santa just told me he liked my shirt, which has The Lorax holding a shotgun. That exchange might have just put me in the Christmas spirit.
November 28, 2024 at 1:09 AM
The Mall Santa just told me he liked my shirt, which has The Lorax holding a shotgun. That exchange might have just put me in the Christmas spirit.
😬😬😬
Ruh roh
github.com/peass-ng/PEA...
"curl -s "http[s]://log.linpeas.sh/?uuid=$(cat /proc/sys/kernel/random/uuid)&id=$(cat /var/lib/dbus/machine-id)&root=$IAMROOT&hostname=$(hostname)&user=$(whoami)&uname=$(uname -a | base64 -w 0)&cwd=$(pwd | base64 -w 0)" > /dev/null 2>/dev/null"
github.com/peass-ng/PEA...
"curl -s "http[s]://log.linpeas.sh/?uuid=$(cat /proc/sys/kernel/random/uuid)&id=$(cat /var/lib/dbus/machine-id)&root=$IAMROOT&hostname=$(hostname)&user=$(whoami)&uname=$(uname -a | base64 -w 0)&cwd=$(pwd | base64 -w 0)" > /dev/null 2>/dev/null"
https://linpeas.sh ownership · Issue #450 · peass-ng/PEASS-ng
The linpeas.sh version hosted at https://linpeas.sh is sending info to a remote server: curl -s "https://log.linpeas.sh/?uuid=$(cat /proc/sys/kernel/random/uuid)&id=$(cat /var/lib/dbus/machine-id)&...
github.com
November 27, 2024 at 3:34 PM
😬😬😬
I get that everyone is happy thay Bluesky isn't Twitter, but you understand it's only a matter of time before it becomes just another corporate propaganda machine with its own agenda... right?
November 26, 2024 at 3:20 PM
I get that everyone is happy thay Bluesky isn't Twitter, but you understand it's only a matter of time before it becomes just another corporate propaganda machine with its own agenda... right?
I bought a $600 Steam Deck and I really only play retro games on it. There was a smarter way to do this.
November 26, 2024 at 12:08 AM
I bought a $600 Steam Deck and I really only play retro games on it. There was a smarter way to do this.
Daaang. Someone must have added me to a starter pack somewhere. I got a bunch of new followers this morning.
Hello new friends.
Hello new friends.
November 25, 2024 at 5:30 PM
Daaang. Someone must have added me to a starter pack somewhere. I got a bunch of new followers this morning.
Hello new friends.
Hello new friends.
The moderation features on Bluesky are great. Instead of a force fed stream of content you can block specific words.
I'm looking forward to blocking everyone talking about eggnog.
That shit is absolutely gross and if you people actually liked it you'd drink it more than one month a year.
I'm looking forward to blocking everyone talking about eggnog.
That shit is absolutely gross and if you people actually liked it you'd drink it more than one month a year.
November 25, 2024 at 3:47 AM
The moderation features on Bluesky are great. Instead of a force fed stream of content you can block specific words.
I'm looking forward to blocking everyone talking about eggnog.
That shit is absolutely gross and if you people actually liked it you'd drink it more than one month a year.
I'm looking forward to blocking everyone talking about eggnog.
That shit is absolutely gross and if you people actually liked it you'd drink it more than one month a year.
Optimist: The cup is half full
Pessimist: The cup is half empty
Pentester: If you turn the cup upside down fast enough it's still technically a cup with water in it but haha I'm domain admin now
Pessimist: The cup is half empty
Pentester: If you turn the cup upside down fast enough it's still technically a cup with water in it but haha I'm domain admin now
Optimist: The cup is half full
Pessimist: The cup is half empty
FOIA Officer: We can neither confirm nor deny that the agency has a cup
Pessimist: The cup is half empty
FOIA Officer: We can neither confirm nor deny that the agency has a cup
Optimist: The cup is half full
Pessimist: The cup is half empty
Abolitionist: The carceral cup is constraining our radical imagination
Pessimist: The cup is half empty
Abolitionist: The carceral cup is constraining our radical imagination
November 24, 2024 at 4:42 PM
Optimist: The cup is half full
Pessimist: The cup is half empty
Pentester: If you turn the cup upside down fast enough it's still technically a cup with water in it but haha I'm domain admin now
Pessimist: The cup is half empty
Pentester: If you turn the cup upside down fast enough it's still technically a cup with water in it but haha I'm domain admin now
The superior way to write an infosec talk is come up with a great talk title first before you begin any research.
November 23, 2024 at 4:25 PM
The superior way to write an infosec talk is come up with a great talk title first before you begin any research.
Is that the real @3yearletterman.bsky.social ? If so, Bluesky is complete.
November 23, 2024 at 3:09 AM
Is that the real @3yearletterman.bsky.social ? If so, Bluesky is complete.
Corey crushed this talk and then damn @jconncreative.bsky.social crushed the artwork.
The latest SiegeCast "MODERN MALWARE" dives deep into the constantly progressing landscape of malware tactics
READ/WATCH: redsiege.com/modern-malware
Key Takeaways:
🔴 The Cat-and-Mouse Game of Security
🔴 Sandbox Evasion Strategies
🔴 Obfuscation and Detection Bypass
🔴 Navigating AMSI & ETW Layers
READ/WATCH: redsiege.com/modern-malware
Key Takeaways:
🔴 The Cat-and-Mouse Game of Security
🔴 Sandbox Evasion Strategies
🔴 Obfuscation and Detection Bypass
🔴 Navigating AMSI & ETW Layers
November 22, 2024 at 11:12 PM
Corey crushed this talk and then damn @jconncreative.bsky.social crushed the artwork.
Damn. Never had a flight attendant have me take out my headphones so they could directly pitch me a credit card. AA must have really upped the employee bonus on those. Or maybe I just look rougher than normal.
November 22, 2024 at 10:30 PM
Damn. Never had a flight attendant have me take out my headphones so they could directly pitch me a credit card. AA must have really upped the employee bonus on those. Or maybe I just look rougher than normal.
Did I spend over an hour trying to figure out the incredibly simple task of putting a hardhat together? Yes.
Did I use it to complete compromise a facility today? Also yes.
Did I use it to complete compromise a facility today? Also yes.
November 21, 2024 at 11:35 PM
Did I spend over an hour trying to figure out the incredibly simple task of putting a hardhat together? Yes.
Did I use it to complete compromise a facility today? Also yes.
Did I use it to complete compromise a facility today? Also yes.
Good morning. Your security tip of the day is don't put the combination for your safe on a sticky note attached to your safe.
Yes this happened last night.
Yes this happened last night.
November 21, 2024 at 1:52 PM
Good morning. Your security tip of the day is don't put the combination for your safe on a sticky note attached to your safe.
Yes this happened last night.
Yes this happened last night.
Reposted by JMFD
If you are in cybersecurity repost this so we can all follow each other 😬
November 15, 2024 at 4:53 PM
If you are in cybersecurity repost this so we can all follow each other 😬
I didn't have stealing a forklift on my 2024 bingo card. But I did it.
November 21, 2024 at 4:18 AM
I didn't have stealing a forklift on my 2024 bingo card. But I did it.
Being a pest inspector/exterminator continues to be one of my favorite pre-texts for physical engagements.
Everyone. Wants. Bugs. Gone.
It makes sense that not all employees would know about a pest issue, companies keep it hush hush.
You need access to all spaces to guarantee your work.
Everyone. Wants. Bugs. Gone.
It makes sense that not all employees would know about a pest issue, companies keep it hush hush.
You need access to all spaces to guarantee your work.
November 20, 2024 at 5:30 PM
Being a pest inspector/exterminator continues to be one of my favorite pre-texts for physical engagements.
Everyone. Wants. Bugs. Gone.
It makes sense that not all employees would know about a pest issue, companies keep it hush hush.
You need access to all spaces to guarantee your work.
Everyone. Wants. Bugs. Gone.
It makes sense that not all employees would know about a pest issue, companies keep it hush hush.
You need access to all spaces to guarantee your work.