Mastodawn

I wouldn't recommend trusting the @offsec community discord, and at this point, I can’t recommend their certs either.

Last night, I called out an account using a fake federal subdomain for their username as "larp:" "<first_name>.<last_name>.dni.gov." Threat actors frequently use fake government handles to cultivate unearned trust. Instead of validating a basic threat indicator, a mod reignited it this morning, defending the account with "you don't know if they are posing or not."

Exactly. I don't. That’s why I called it a larp instead of phishing. But a red team platform should understand zero-trust models, proactive threat identification, and defensive alignment. Instead, they operate on a purely reactive basis.

It's a terrible look to run off a cybersecurity major in a CAE-CD program for practicing human perimeter tactics. I don't need OffSec to get where I'm going. SANS/GIAC offers highly respected pentesting certs anyway, alongside industry-gold-standard DFIR (Digital Forensics & Incident Response) and specialized Cyber Defense pathways. I'll save my $1,600+ for an ecosystem that actually understands threat modeling.

Purple team is still the undisputed champion. I am not going to bow down to someone just because they are a community mod and operate in a complete silo.

#cybersecurity #purpleteam #offsec #opsec #APTs #impersonation #proactivedefense

Tim (Wadhwa-)Brown

Jun 9

There is an irony that despite my offensive background, the only cyber security discipline I don't hold current certs for is offense.

#purpleteam

Adversary Village Jun 9

Call for Sponsors OPEN - Adversary Village at DEF CON 34!
We are now welcoming sponsors and partners for Adversary Village at DEF CON 34. This is a great opportunity to collaborate with one of the leading communities focused on AdversarySimulation and OffensiveSecurity, and to engage directly with practitioners, researchers, and industry leaders shaping modern security operations.
If you are interested in partnering with us for DEF CON 34, feel free to reach out: https://adversaryvillage.org/sponsors/

@defcon
#AdversaryVillage #DEFCON #PurpleTeam

Adversary Village May 31

Hey Folks! CFP for Adversary Village at @defcon 34 will be closed by 11:59 PM PDT, 31st May 2026.
Hurry up and make the submissions for your hands-on workshops, technical talks, adversary tool demos and hands-on activities.
Here is the CFP URL: https://adversaryvillage.org/call-for-papers/

We re looking for content with more hands-on activities, focused strictly on adversary simulation, threat emulation, offensive tradecraft, threat-informed defense, offensive cyber security, state-sponsored threat actors, purple teaming, and real-world attacker techniques. Vendor-neutral, technical, and practical content only.
#DEFCON34 #AdversaryVillage
#OffensiveCyberSecurity #AdversarySimulation #PurpleTeam #ThreatActors #Breaches #DEFCON

Adversary Village May 29

CALL FOR PAPERS CLOSES IN 2 DAYS!
CFP for Adversary Village at @defcon 34 will be closed on 31st May 2026.
Hurry up and Submit your research here: https://adversaryvillage.org/call-for-papers/

We are looking for Talks, Workshops, Tool Demos, and Hands-on Activities focused strictly on adversary simulation, threat emulation, offensive tradecraft, threat-informed defense, offensive cyber security, state-sponsored threat actors, purple teaming, and real-world attacker techniques. Vendor-neutral, technical, and practical content only.
#DEFCON34 #AdversaryVillage
#OffensiveCyberSecurity #AdversarySimulation #PurpleTeam #ThreatActors #Breaches #DEFCON

Tim (Wadhwa-)Brown

May 28

Nice technique and a generalised reminder that once attackers get to uid=0, all bets are off:

https://github.com/MatheuZSecurity/UnhookingLinuxEdr

#linux, #purpleteam

GitHub - MatheuZSecurity/UnhookingLinuxEdr: Attacking the cleanup_module function of a kernel module

Attacking the cleanup_module function of a kernel module - MatheuZSecurity/UnhookingLinuxEdr

GitHub

7ASecurity May 19

RE: https://mastodon.social/@7ASecurity/116601227297357665

🔴🔵 Purple Teaming bridges the gap between attackers and defenders.

Finding vulnerabilities isn’t enough —
your team must learn how attacks actually bypass detection.

👉 https://7asecurity.com/blog/2026/05/purple-team-cybersecurity/

#CyberSecurity #PurpleTeam #PenTesting

7ASecurity May 19

🔴🔵 Purple Teaming bridges the gap between attackers and defenders.

Finding vulnerabilities isn’t enough —
your team must learn how attacks actually bypass detection.

👉 https://7asecurity.com/blog/2026/05/purple-team-cybersecurity/

#CyberSecurity #PurpleTeam #PenTesting

What Is Purple Team Cybersecurity and Why Do You Need It

Purple Team cybersecurity combines offensive and defensive strategies. Learn how this approach finds gaps that siloed teams miss and when you need it.

7ASecurity Blog

Phenarax-ui May 16

The most effective social engineering doesn't pressure you.
It flatters you.
"You're clearly the person who would know how to handle this."
"Someone with your experience would understand."
The compliment primes you to live up to the implied competence.
You want to be the person they think you are.
So you extend trust they haven't earned.
Urgency and fear trigger defenses.
Flattery lowers them.
Know the difference.
#PurpleTeam #SecurityMindset #SocialEngineering

Phenarax-ui May 14

Purple Team thinking for everyday life — #2 (philosophy edition)

Real Purple isn’t about systems. It’s about assumptions.

Most human mistakes come not from lack of knowledge,
but from the stories we believe without questioning.

When urgency, tone, or confidence doesn’t match reality,
pause for seven seconds.

In that small space, assumptions surface.
And with them, clarity.

Purple Teaming is situational awareness turned inward.
Awareness, not fear.
Reflection, not suspicion.
#PurpleTeam #Sec