B'ad Samurai 🐐

@badsamurai@infosec.exchange
231 Followers
123 Following
1.3K Posts
#securty #automation #soar #iac and #tay
Webhttps://badsamurai.dev
GitHubhttps://github.com/BadSamuraiDev
Verificationhttps://www.badsamurai.dev/mastodon-verification
Gravatarhttps://gravatar.com/badsamuraidev
Pronounshe/him
DogsAn old clever "mini" golden and blind black lab-ish pup
B'ad Samurai 🐐9h ago

DomainTool's malware over DNS inspired me to finish this proof-of-concept game utilizing DNS TXT records dynamically generating Mad Libs in JavaScript. Think Cloudflare pastebin-over-DNS.

https://ttl.ninja/madlibs/madlibs.html

https://github.com/TTLNinja/madlibs

#dns #infosec #lots #pastebin #cloudflare

B'ad Samurai 🐐10h ago
evacide10h ago
Serial spyware founder Scott Zuckerman wants the FTC to unban him from the surveillance industry and I am going to need to grow more middle fingers in order to express how I feel about that: https://techcrunch.com/2025/07/21/serial-spyware-founder-scott-zuckerman-wants-the-ftc-to-unban-him-from-the-surveillance-industry/
Serial spyware founder Scott Zuckerman wants the FTC to unban him from the surveillance industry | TechCrunch

The spyware maker was banned from the surveillance industry in 2021, but was caught flouting the ban less than a year later. Now the founder wants the ban lifted altogether.

TechCrunch
B'ad Samurai 🐐13h ago

Today I was pondering my alt resume of some generally useless tech skills (typically admin + dev)

  • SharePoint
  • Allaire ColdFusion
  • Drupal
  • EMC Documentum
  • Wireless Markup Language
  • LAMP/LAPP/LLPP
  • JBoss

I'd like to say we learned these only to later build something better. But we sure liked a lot of terrible products at the time.

B'ad Samurai 🐐14h ago
B'ad Samurai 🐐2d ago
Ian Campbell2d ago

I am not the best at domain intel, or OSINT, or anything really.

But what I want spammers and scammers and botters to understand is if they target Mastodon in general, or infosec folks here specifically, I will grumpily spend a large chunk of my free time finding out who you are and/or interfering with your fuckery.

I do not do work/life balance, and I have great datasets at hand.

https://masto.deoan.org/@neurovagrant/114880724970779841

Ian Campbell (@neurovagrant@masto.deoan.org)

Done digging. Pretty confident in the identity, ambivalent about wreaking havoc on this dummy but happy to hand off details to @hacks4pancakes@infosec.exchange @luckytran@med-mastodon.com or @nixCraft@mastodon.social I sent a polite email off to the young gentleman it appears to be. Hopefully he realizes his mistake.

masto.deoan.org
B'ad Samurai 🐐3d ago
Michigander 3d ago
Someone is looking forward to getting a fresh snow pea πŸ«›
#dogs #DogsOfMastodon #gardening #photography
B'ad Samurai 🐐3d ago
chris martens4d ago
i’ve taught students who are new to programming who try to justify their use of LLM code tools with self deprecation β€” β€œi’m bad at this”, β€œthere’s no way i could ever figure it out on my own.” i wish i knew how to get through that the actual value your college tuition pays for is access to live human beings whose job it is to give you the kind of help you’re seeking from the LLM. that those human relationships are what give life meaning & there are so precious few opportunities to create them
B'ad Samurai 🐐4d ago
Norcal Gma 24d ago
Three generations of our family were protesting together on highway 101 today.
I wore my Good Trouble t-shirt and we rolled out our newest banner. Our middle grandson designed a bright and eye catching message. Lots of older folks stopped to say that they were happy to see young people. There was actually a range of ages from small children to my ninety something year old friend. The majority appeared to be seniors though.
Lots of anti MAGA and pro democracy furor.
I get teary when I protest because my body can't figure out what to do with so many feelings. It is truly hard to absorb the chaos and atrocities of the last six months.
Proud to stand with all who stand in solidarity and resistance.
Looking forward to being on the winning side eventually.
B'ad Samurai 🐐4d ago
Ian Campbell4d ago

Knostic sponsored a "Prompt Pit" this morning - a gaggle of infosec folks got together to share quick GenAI-related findings, tips, or use cases.

Dragos Ruiu introduced a term I haven't heard before that could've come straight from @bruces:

"context rot."

When working with an LLM you get to a point where the past text becomes too large for the LLM to consider, moving outside the model's "context window" and degrading generation with respect to the whole conversation.

https://docs.anthropic.com/en/docs/build-with-claude/context-windows

Context windows - Anthropic

Anthropic
B'ad Samurai 🐐5d ago

Since DNS is on πŸ”₯ today I should note if you're a Splunk shop, the DNS data model in Enterprise Security does not include the field for TXT record values, you need to add that manually.

Then you can do high-fidelity detections such as length and base64 with conversions looking for code.

#dns #splunk #blueteam

Γ—
Show threadB'ad Samurai 🐐Jul 11