John Hammond

@[email protected]
6.8K Followers
96 Following
456 Posts
Hacker. Friends. Cybersecurity Researcher.
John Hammond12h ago
hELLO
the tIME HAS cOME oNCE AGAIN on my cONTENT cALENDAR
for me to continue to scream and shout about
oUR VIRTUAL EVENT ContinuumCon 2026
jUNE 12 - 14 https://continuumcon.com
livestream run of show is free & public but all workshop sessions get into hands-on labs
see u there ✌️
John Hammond2d ago
A funny slew of phishing emails I've seen flying around: a legitimate Facebook Business invite notification, but bad actors stuffing threatening urgency into their "name" values that get inserted into the real email. And the phishing landing page is hysterical. 🤣 Video link: https://youtu.be/QRN3t1_paTY
John Hammond3d ago
More ConsentFix -- a "V3" some might say, shared amongst a dark web/cybercrime forum, and a treasure trove of tradecraft to see how bad actors leverage third-party sites and services to do their dirty work. 👀 Video:
https://youtu.be/T3oVdPCMDJw
John Hammond5d ago

Joined by Katrina Manson to hear all about her latest book release: Project Maven & the Dawn of AI Warfare 👀

We talk AI usage at the Pentagon, drone intel, AI enabled targeting, and the ethical tipping point of autonomous weapons. Super fascinating ideas. Video: https://youtu.be/OVgruylpVXc

John HammondApr 9
Wild story on a big AI-powered social engineering campaign, leveraging Device Code phishing to steal Entra ID/Microsoft accounts -- all with entirely unique and personalized per-victim lures from vibecode-crafted infrastructure 🤯 Video: https://youtu.be/9b3kirR8s2U
John HammondApr 8
Real treat to catch up with Joe Tidy and hear more behind the scenes deets about his book Ctrl+Alt+CHAOS: How Teenage Hackers Hijack the Internet 🤩 Insight into "the most hated hacker in history" and the rise and fall of teenage hacking gangs. Video: https://youtu.be/GUzD_ShRKYE
John HammondApr 7
Fake Windows notifications -- homage to iPurpleTeam and their sweet recent writeup, showcasing some tricks with toast popups in pure PowerShell to fake alerts from installed apps found in Registry. Even a low-privilege custom protocol handler! Video: https://youtu.be/wrAFZLa1TAk
John HammondApr 4
Our virtual event endeavor is back for its round-two show -- ContinuumCon 2026! Banner mantra "The cybersecurity conference that never ends" 😜 All sessions are workshops and you keep a whole cyber range to work on them whenever you want. https://jh.live/continuumcon Public livestream for the main event is June 12-14th, hope you tune in!
John HammondApr 3

heyyyyyy In case you missed it, I got to chat with Fletcher Heisler about the cool stuff he's been cooking up with authentik ! And I met Fletcher at BsidesSF -- really awesome guy 🤩😊 Video: https://youtu.be/2ttrqnw5kDE

I've actually used authentik to manage identities in a self-hosted local environment before, so was really happy to hang out and see it even more in action. Thanks Fletcher!! 😄See their sweet stuff: https://jh.live/authentik

John HammondMar 31
If you're waking up to the Internet and your world on fire from the new NPM and axios package supply chain attack, I have a short 15 minute video to hopefully catch you up to speed. Links to further resources included -- video: https://www.youtube.com/watch?v=A58cV17avpM