World Password Day. The finding that should sting: roughly 60% of credential issues from real pentests this year came from factory defaults still running. FTP, RDP, Redis, Telnet. No brute-forcing needed.

Dragos Sandu, Product Manager at Pentest-Tools.com, shared the data with IT Security Guru. Full piece: https://www.itsecurityguru.org/2026/05/07/world-password-day-2026-the-credential-crisis-hasnt-gone-away-its-just-got-more-dangerous/

#offensivesecurity #penetrationtesting

📰 Accenture Invests in AI-Powered Offensive Security Platform XBOW

Accenture invests in AI-powered offensive security firm XBOW. 🤖 The partnership aims to bring autonomous, continuous penetration testing to clients, fighting AI-driven threats with AI-driven defense. #CyberSecurity #AI #OffensiveSecurity #Accenture

🔗 https://cyber.netsecops.io

🚨 Praetorian is teaching at BlackHat. Come hack with us.

Two trainings on the schedule:

🔧 Boards to Bluetooth (Hardware/IoT, Beginner/Intermediate)
https://blackhat.com/us-26/training/schedule/?#boards-to-bluetooth-an-introduction-to-embedded-hardware-hacking-509911770321737

⚙️ Pipeline to Pwn (CI/CD, co-taught with Meta, Intermediate/Advanced)
https://blackhat.com/us-26/training/schedule/?#pipeline-to-pwn-mastering-modern-cicd-attack-chains-510431770250461

⏰ Early bird ends May 22. Save $600.

#BHUSA #OffensiveSecurity #Praetorian

It's been like six months, so I will post another casual reminder that I am looking for a new job.

At this point, I've been doing IT for over 14 years, and the last nine have been in offensive security. I would say the first half of my offsec career was primarily network pen testing, and the last half has been mostly application security. I feel I have a pretty strong mix of both, though my net pen skills have gotten rustier the last few years, if I am being totally honest. I did a wireless assessment recently as well, so that's another area I could help your org.

Over the last few months, I've transitioned to doing more red team work, and not just the physical pen testing side of it, though I have experience doing that as well. There's also been a purple team component, and I've written before on the importance of not doing offsec in a vacuum.

Oh, and I've also done threat modeling. That's something else I could help your organization consider - where are all your threats? It's good to know where all your blinky lights are, but have you thought about all your potential threats, or tried to?

When I was a consultant, I messed with other stuff like Kubernetes clusters, legacy kit like the AS/400, secure code review, and mobile application testing.

I would be open to people leadership as well. I've professionally and personally mentored a few individuals, and it's an area where I feel I have strength and could grow quickly.

One thing I don't like is generative AI, I think it's a grift and I don't want to work at a company that is pushing for people to use it. Honestly it's a big part of the reason I've been looking for a new job for the last year. If I had an angel investor, I'd start a generative AI-free consultancy.

I should close with two tidbits. I live in California, and I prefer to work remotely. That being said (written), I am open to relocation, including out of the United States of America, to any country that would support migration. I prefer remote, as I've been doing that off and on for the better part of a decade, but for the right price I am open to sitting in an office a few days a week. For a lot more money, I'd sit in an office five days a week.

Boosts are appreciated!

#OffensiveSecurity #GetFediHired

Many people think the move from penetration testing to red teaming is a logical, gradual progression. In practice it quickly becomes clear: it is a real change of perspective.
The biggest differences lie not in the tools but in the mindset:
🔹 OPSEC first – Every action is questioned: What traces am I leaving? How will the defender react?
🔹 Realism over speed – The point is not to reach the goal as quickly as possible, but to emulate a real attacker.
🔹 Continuous learning – Standard tools are increasingly detected. Those who do not keep developing become visible.
🔹 Mistakes as a learning moment – The moment you get detected changes your own way of thinking for good.
In our new blog article, Marcel Heisel describes how we prepare new employees for exactly this shift – and what really makes the difference.
👉 https://research.hisolutions.com/2026/05/vom-pentester-zum-red-teamer-wie-wir-neue-mitarbeitende-fit-machen/
#RedTeaming #Pentesting #CyberSecurity #OffensiveSecurity #OPSEC #InfoSec #ActiveDirectory

Most tools added AI and called it a feature. We kept asking whether it actually makes results more reliable.

Session two of Office Hours is recorded. Jan covers the ML classifier, the authentication layer, and the MCP integration that won't act without your explicit go-ahead.

45 minutes. Q&A included.

Recording: https://www.youtube.com/watch?v=abGruzf2pPk

#penetrationtesting #offensivesecurity #vulnerabilitymanagement

⚡ Fresh Talk Alert for BSides Luxembourg 2026!

WEAPONIZING PDF FILES: ADVANCED EXPLOITATION TECHNIQUES FOR RED TEAMS – FILIPI PIRES

PDFs are everywhere — and attackers know it. This hands-on session explores how malicious actors weaponize PDF files using embedded JavaScript, memory manipulation, and Adobe Reader exploitation techniques to execute malware and exfiltrate data.

Attendees will dive into real-world attack techniques including heap sprays, shellcode injection, buffer overflows, covert data extraction, and malicious payload embedding inside PDFs. The talk also includes live demos, analysis of malicious samples, and practical guidance for safely testing and identifying Indicators of Compromise (IoCs).

Filipi Pires is Head of Technical Advocacy at SCYTHE, Founder of Cross Intelligence, BSides Porto Organizer, and Red Team Village Director at DEF CON. He is an international speaker and educator specializing in red teaming, malware analysis, and application security.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #RedTeam #PDFExploitation #Malware #AppSec #CyberSecurity #OffensiveSecurity

CVE-2026-40321: stored XSS in DNN (DotNetNuke) prior to v10.2.2 chains to full RCE.

Any authenticated user can upload a crafted SVG with embedded JavaScript. If a power user opens it, the payload calls DNN's own config endpoint to drop an ASPX backdoor in the server root.

One file. One click. Full RCE. CVSS 8.1, patched, fully documented.

Write-up + PoC payloads: https://pentest-tools.com/blog/dotnetnuke-xss-to-rce

More research from our team: https://pentest-tools.com/research

#offensivesecurity #penetrationtesting #infosec

False positives in web scans often aren't wrong detections. They're unfiltered responses: soft 404s, error pages, and redirect chains that look like findings until someone checks.

We added an ML classifier that catches those before they ever surface as results. Fewer findings to re-validate, cleaner reports, less explaining to developers.

Full breakdown: https://pentest-tools.com/usage/minimize-false-positives

#pentesting #offensivesecurity

🚨 Most people think red teaming is about exploits.

It’s not.

The most effective attacks today don’t start with vulnerabilities —
they start with **trust**.

Modern environments are cloud-heavy, identity-driven, and full of SaaS integrations. In these systems, attackers don’t always need to “break in.”

They move quietly through:

• Over-permissioned identities
• Weak approval workflows
• Misconfigured cloud roles
• OAuth tokens and API access
• Human behavior under pressure
• Business processes no one questions

This is what I’ve been studying and calling the **Quiet Kill Chain** —
a sequence of legitimate-looking actions that, when chained together, become an attack path.

No loud exploits.
No obvious malware.
Just normal activity… used the wrong way.

## What changes at an advanced level?

You stop asking:
“What exploit should I use?”

And start asking:

• Where does this system trust too easily?
• Which action would look completely normal?
• What would defenders ignore?
• How can I blend into business operations?

Because the strongest intrusion today is not the one that is invisible.

It’s the one that looks **legitimate**.

## My takeaway

Offensive security is shifting from breaking systems
to understanding them deeply enough to move inside them unnoticed.

I’ve written a full deep-dive on this concept here 👇

🔗 https://dev.to/blackcipher/the-quiet-kill-chain-how-modern-red-teamers-break-organizations-without-exploits-1ell

Curious to hear your thoughts —
Is detection today ready for this level of subtlety?

#CyberSecurity #RedTeam #OffensiveSecurity #ThreatIntel #CloudSecurity #IdentitySecurity #EthicalHacking #BlackCipher
