r1cksec14h ago

A post about how to perform phishing using github issues

https://blog.atsika.ninja/posts/the-phishy-github-issue-case

#infosec #cybersecurity #redteam #phishing #github

The Phishy GitHub Issue Case

A detailed guide to emulating advanced phishing attacks on GitHub for Red Team operations, leveraging fake issues and notifications to exploit a TOCTOU race condition, tricking developers into authorizing malicious OAuth apps for initial access while bypassing MFA and using only trusted infrastructure.

Atsika.ninja
KL3FT3Z1d ago
See my new article and use my redteam tool for Containers Security https://dev.to/toxy4ny/flibustier-why-we-built-a-container-security-auditor-in-pure-bash-1ilh #docker #kubernets #redteam #tool #article #devto #research #ci-cd #hacking #hacker #cybersecurity #education #pods #auditing
Flibustier: Why We Built a Container Security Auditor in Pure Bash

"A lightweight, zero-dependency container runtime audit toolkit designed for redteam operations. No...

DEV Community
r1cksec1d ago

New cheatsheets pushed

https://github.com/r1cksec/cheatsheets

#infosec #cybersecurity #redteam #pentest #threatintel #malware #dfir #bugbounty #opensource

GitHub - r1cksec/cheatsheets: Collection of knowledge about information security

Collection of knowledge about information security - r1cksec/cheatsheets

GitHub
EuskalHack1d ago
Continuamos este sábado con la charla "Death to IOCs: Detección basada en el dolor del atacante” de la mano de Iván Cabrera y Adrián Díaz bajo el lema "Forged by attackers, built for defenders" #RedTeam #BlueTeam #Tradecraft #ESCIX
Alfredo3d ago

Lightweight Asymmetric Encryption for C2 Implants — from XOR to Rabin KEM

Why Rabin beats RSA for implants: ~60 lines of pure C, no external deps, no heavy constants, provably as hard as factoring.

Covers the full crypto pipeline: XOR → AES-CTR → Rabin key encapsulation, with a working Python toolkit.

https://medium.com/@alfred.abston/lightweight-asymmetric-encryption-for-c2-implants-a-red-teamers-guide-from-xor-to-rabin-42e9b6b275d6

#redteam #infosec #malware #pentesting #crypto #cybersecurity

Lightweight Asymmetric Encryption for C2 Implants: A Red Teamer’s Guide from XOR to Rabin

A practical walkthrough of encryption choices for red team implants — from XOR and AES-CTR to Rabin key encapsulation — with a…

Medium
leHACK3d ago
🇬🇧
ALL ACCESS AUTHORIZED: How to infiltrate major events for fun and profit. A security research talk on gaining access to highly secured events. 27/06 at 17:45.
https://lehack.org/2026/tracks/conferences/
https://www.billetweb.fr/lehack-2026-brave-new-world
#leHACK #PhysicalSecurity #RedTeam
Show threadleHACK3d ago
🇫🇷
ALL ACCESS AUTHORIZED: How to infiltrate major events for fun and profit. Une conférence sur l'infiltration d'événements hautement sécurisés, vue sous l'angle de la recherche en sécurité. 27/06 à 17h45.
https://lehack.org/2026/tracks/conferences/
https://www.billetweb.fr/lehack-2026-brave-new-world
#leHACK #SécuritéPhysique #RedTeam
Conferences - leHACK

leHACK
0xBughunter4d ago

🪟 ​​Forrester names Microsoft a Leader in the 2026 Extended...

📝 We are excited ...

https://www.microsoft.com/en-us/security/blog/2026/06/17/forrester-names-microsoft-a-leader-in-the-2026-extended-detection-and-response-platforms-wave-report/

📰 Microsoft Security Blog

#Microsoft #RedTeam

​​Forrester names Microsoft a Leader in the 2026 Extended Detection and Response Platforms Wave™ report | Microsoft Security Blog

Microsoft has been named a leader for the third consecutive time in The Forrester Wave™: Extended Detection and Response Platforms, Q2 2026.

Microsoft Security Blog
r1cksec5d ago

Windows security research toolkit for LPE, persistence, COM hijacking, and attack surface enumeration.

https://github.com/kernelstub/Ferrum

#infosec #cybersecurity #redteam #pentest #opensource #windows

GitHub - kernelstub/Ferrum: Windows security research toolkit for LPE, persistence, COM hijacking, and attack surface enumeration.

Windows security research toolkit for LPE, persistence, COM hijacking, and attack surface enumeration. - kernelstub/Ferrum

GitHub
Nathan Labs5d ago

Attackers don't test your defenses once a year.

Why should your security team? 🔐

One-time pentests provide a snapshot. Continuous pentesting delivers ongoing visibility, real-time risk discovery, and faster remediation.

Attackers work every day. Security testing should too.

🌐 https://www.vaptsecurity.com/

#CyberSecurity #Pentest #ContinuousPentesting #VAPT #CloudSecurity #APISecurity #CTEM #RedTeam #CyberDefense