Michael ⛰️🌲
@infosec_mike
Avid Indoorsman, Blue team, W605, and Octothorpe enthusiast.
You might like
The next free one-hour @Antisy_Training Anticast is on -- Getting Started in iOS Mobile Application Testing w/ Cameron C. & Dave Wed, OCT 29, 2025 12:00 PM EDT Register -- events.zoom.us/ev/AhuYC0jYtKM… Join us for a free one-hour training session with Cameron Cartier and Dave…
The next free one-hour Black Hills Information Security webcast is on -- AI Agents and MCP Security Risks w/ @joff_thyer Thu, Oct 30, 2025 1:00 PM EDT. Register (Zoom) -- events.zoom.us/ev/Ahn_6DM5Iey… Do you know what MCP stands for? Agentic AI implementations are being used to…
Due to the shutdown, I've had multiple reach out to me... What are the private sector cyber jobs a Fed worker could shift to? (maybe short time?) RT this far and wide. Those folks deserve a break!
If you take over a bankrupt startup’s domain, you can access okta, gsuite, adp, all sorts of pii. Don’t think there’s any cleanup.
Learn how to wield Proxifier like a pro in Senior Security Consultant Justin Palk's guide "How to Set Up Proxifier for Penetration Testing" 🔗 redsiege.com/proxifier #hacking #infosec #cybersecurity
Decisions decisions.....thoughts?
Don't forget! Call for Papers for Wild West Hackin' Fest @ Mile High 2026 is open until Nov. 3! Submit yours now! -- wkf.ms/45fLrjH
Save the date for Deadwood 2026! Pre-con training: Oct. 6-7, 2026; Conference: Oct. 7-9, 2026
Don't forget! Call for Volunteers for Wild West Hackin' Fest @ Mile High 2026 ends this Friday, Oct. 17! Submit your application here: forms.monday.com/forms/da56e10f…
Dear M365 admins: ALL OF YOU Are you using Power Platform? If you can't answer that, KEEP READING. There are still things you need to do. Here are some absolute basics that most organizations miss. You license comes with Power Apps and Power Automate functionality and a…
Safe travels from @WWHackinFest another excellent experience thank you to all the staff and volunteers. Glad I was able to see and visit with so many.
"[...] the Microsoft Store is likely to allow users to install dual use applications that can be used to bypass security controls or access sensitive information in the environment." Read more: blackhillsinfosec.com/microsoft-stor… Microsoft Store and WinGet: Security Risks for Corporate…
![BHinfoSecurity's tweet image. "[...] the Microsoft Store is likely to allow users to install dual use applications that can be used to bypass security controls or access sensitive information in the environment."
Read more: blackhillsinfosec.com/microsoft-stor…
Microsoft Store and WinGet: Security Risks for Corporate…](https://pbs.twimg.com/media/G27X5PdXMAAevc8.jpg)
What risks arise from adding Domain Users to a template’s Enroll ACL? Share your top 3! 🔥 Last chance to join us on Oct 15 @ 12:00 pm ET! events.zoom.us/ev/AsbybLz-COO…
👀An attacker requests a cert, uses it for lateral movement, deletes logs... Where else can you see evidence? Join us Oct 15 @ 12 PM ET for Anti-Cast with Alyssa Snow & Kaitlyn Wimberley. events.zoom.us/ev/AsbybLz-COO…
Join @Carlos_Perez for our next webinar on October 15 at 1:00PM. We'll draw from recent, anonymized investigations to expose the most devastating failure patterns our Incident Response team has encountered in the field. Secure your spot now! trustedsec.zoom.us/webinar/regist…
If posture reviews had a boss battle, what would yours be? 🎮 Stay equipped for the fight and join Kimber Amos for free: antisyphontraining.com/event/anti-cas…
"Who knows what vulnerabilities are hiding just waiting to be found?" Security Consultant Stuart Rorer discusses how to up your recon game during web app penetration tests in this blog post 🔗 redsiege.com/eagleeye #hacking #infosec #cybersecurity
Check out Titanis, my new C#-based protocol library! It features implementations of SMB and various Windows RPC protocols along with Kerberos and NTLM. github.com/trustedsec/Tit…
Active Directory hardening is free…outside of your time. Overall - PingCastle Passwords - FGPP, LAPS, Lithnet Permissions - ADeleg/ADeleginator Applocker - Applocker Inspector/Applocker gen ADCS - Locksmith Logon scripts - ScriptSentry GPO - GPOZaurr Baselines - CIS/Microsoft…
Dumping LSASS is old school. If an admin is connected on a server you are local admin on, just create a scheduled task asking for a certificate on his behalf, get the cert, get its privs. All automatized in the schtask_as module for NetExec 🥳🥳🥳
United States Trends
- 1. Good Wednesday 24.5K posts
- 2. #NationalCatDay N/A
- 3. Hump Day 11.6K posts
- 4. #MAYATVAWARDS2025 825K posts
- 5. Huda 14.8K posts
- 6. Happy Hump 6,966 posts
- 7. #wednesdaymotivation 2,663 posts
- 8. #PutThatInYourPipe N/A
- 9. South Korea 105K posts
- 10. #Wednesdayvibe 1,594 posts
- 11. ZNN AT MAYA25 438K posts
- 12. Jay Z 7,043 posts
- 13. Wayne 95.7K posts
- 14. Tapper 29.8K posts
- 15. Bill Gates 69.4K posts
- 16. Clippers 15K posts
- 17. Don Lemon 10.8K posts
- 18. Namjoon 215K posts
- 19. Royalty 12.2K posts
- 20. Eminem 12.3K posts
You might like
-
David Boyd
@fir3d0g -
ʝօʄʄ ȶɦʏɛʀ 🇦🇺🇺🇸 @yoda66.bsky.social
@joff_thyer -
Brian Phillips
@BrianRPhillips -
la voce del diavolo
@TheDevilsVoice -
Joshua Marpet
@quadling -
Tim V
@Ajediday -
[email protected] & bsky
@SciaticNerd -
Adam Compton (@[email protected])
@tatanus -
Pete Hewitt - @[email protected]
@p373w007 -
Samwise
@TeaPartyTechie -
Bryant Mitchell
@Bryant_Mitchell -
The Deputy
@VeldaLempka -
Karl
@synthwave2k -
Jake Servaty
@0x_Sp4ms -
Ⓣravוֹs
@1nfosecs
Something went wrong.
Something went wrong.