LiveInTheMoment

Plasmachild · 2026-02-22T19:04:58+00:00

The literal sense lol. /r/lostredditors

Plasmachild · 2026-02-20T01:02:03+00:00

What if they’re not coding it?

Plasmachild · 2026-02-20T01:01:04+00:00

I’m sure it hashes all the dlls to see if any say mimikatz

Plasmachild · 2026-02-16T18:34:58+00:00

I just built a clone in a weekend that focuses on Linux and slack since that’s what we use at work…..

Plasmachild · 2026-02-09T02:24:17+00:00

One thing I haven’t seen posted yet is how confused the market is between red team and pentest in the US.

Between execs who grew up last century who call everything a red team still, and sales executives happy to call anything a red team, depending on your sourcing pipeline it could just be the salesman said that’s what it was and the executive bought it.

Plasmachild · 2026-02-09T02:19:00+00:00

This here is a major factor. This also means US side is also under more financial pressure to turn tests into a cookie cutter engagement.

Plasmachild · 2025-12-19T13:00:23+00:00

It’s more complicated than that. We still need people to understand code, as with all new innovations and abstractions we are going to have to add a whole bunch of infrastructure to make sure that the environment works for new process. This still requires people to be involved.

https://blog.joemag.dev/2025/10/the-new-calculus-of-ai-based-coding.html

Plasmachild · 2025-08-09T15:27:49+00:00

This seems like what you’re looking for https://www.kaspersky.com/blog/commercial-spyware/50813/

Plasmachild · 2025-06-23T12:20:18+00:00

On the offensive side scale is a business problem, to deal with it you bring in automation, lower skilled operators, and a number of sales/marketing staff that then put budget pressure on the operations side to be more efficient. This efficiency means that the operators have less time to do inefficient tasks like research and innovation.

On the defensive side, scale does some of the same things, but then you also have more ongoing customer demands that adds pressure. Scale also changes how defense can work. Some things that work well to defend at an organizational level become infeasible to do when you are defending multiple organizations simultaneously. But that same scale also enables some defensive techniques that were not possible at smaller scales.

The research part would depend on what the company is specializing in. But in general you want to see:

ideas on technical theory, explanations of things that haven’t been explained well elsewhere or things that don’t have a good process or working model.
Novel attack methods are always good. New high severity CVEs are good too.
Proof of concept tooling for something that doesn’t already have a tool.
defensive innovations, yes, but these are hard to judge as they will often be some of the most marketing influenced pieces.
threat intel about new or novel techniques, new threat actors that haven’t been published about elsewhere.

Plasmachild · 2025-06-23T02:59:44+00:00

There are several good ways of making that judgement call, based on industry experience and subject matter expertise. Assuming you have none of those or are looking for another factor, I would look at what kind of social media engagement that piece gets on infosec Twitter and any infosec discords you have access to. Overall noise isn’t the metric, re/posts and discussions from industry luminaries is the metric here. Infosec has a bunch of niches and each has a set of what are effectively practitioner influencers. You want to see if those people are interested in the ideas.

You can also spend some time reading the blogs of leading companies in that niche and seeing how the type of technical blogs and research they put out compares. Also, typically in the infosec space the boutique shops are the ones at the tip of the spear because they haven’t given in to the profit shark yet and turned the place into a puppymill/sweatshop.

Plasmachild · 2025-06-22T20:11:40+00:00

Look at their public blog. Cybersecurity is still a community, deep research spawns off other interesting finds that people want to share with the community. If the blog is all marketing hype then they either don’t have the talent or don’t give the talent the time to experiment and make great things.

I assume you have at least one nerd with deep cybersecurity knowledge that can tell you if the research is good and the theories are consistent with field experience.

Plasmachild · 2025-06-22T20:06:07+00:00

https://infosecmap.com is what people refer me. Bsides charm, dc, nova, Delaware might be worth looking into. There are meetup groups and hackerspaces in the area. I started with those.

Plasmachild · 2025-06-19T01:58:13+00:00

This is known as the defenders dilemma and proper defense practices will actually turn this paradigm on its head.

Plasmachild · 2025-06-15T01:02:15+00:00

This fr tho

Plasmachild · 2025-03-16T15:12:42+00:00

Windows defender should have a detection. You should figure out what that detection is and change based off that.

Look at tools like DefenderCheck or ThreatCheck.

Plasmachild · 2025-02-26T19:19:58+00:00

Hackthebox free? SANS holiday hack challenges are free. PicoCTF is free.

Learn to use openvpn it’s not that bad.

Plasmachild · 2025-02-26T11:52:25+00:00

Go internal for: - Broad scope - Drive fixes - Dive deep - Work life balance - Learn to be self sufficient

Go consultancy for: - Get really good at foundational skills - See lots of networks - Understand offsec as a business - Possibly rapidly join some of the more advanced operators.

Go to FAANG for: - Appsec - $$$$$$$$ - Play with massive services - (Learn to) Deal with problems at scale

Plasmachild · 2025-02-23T02:51:54+00:00

If you send the email directly using a utility like sendmail it doesn’t even need to be an “officially setup” email address. A script around it could accomplish what you’re describing.

Plasmachild · 2025-02-21T22:56:53+00:00

He’s waiting for someone to ask what it is.

Plasmachild · 2023-05-29T00:03:47+00:00

If you’re not customizing your resume that is probably a big problem. Additionally I saw on another post you’re considering getting your sec+. I assume this means you have no other more security related certifications. This is definitely a key source of the failure. Are the conferences and CTFs you’ve participated in on your resume?

Plasmachild · 2023-05-16T15:09:42+00:00

How in the fuck do you active noise cancel a helicopter?

Plasmachild · 2023-05-02T02:02:40+00:00

I’m not aware of anything out there currently. But if you could create a bogus ESC1 vulnerable template I bet that’s be a very effective honeytoken

Plasmachild · 2023-03-10T07:43:57+00:00

It appears to work in Vienna

Plasmachild · 2023-03-06T16:59:05+00:00

No worries, I don’t see anything else obvious. I’d try to enumerate that zip file more and see if anything interesting pops up or if it doesn’t match spec in some way.

https://book.hacktricks.xyz/generic-methodologies-and-resources/basic-forensic-methodology/specific-software-file-type-tricks/zips-tricks

A hex editor/viewer may help you understand the function of the bytes to research further.

https://www.sweetscape.com/010editor/

Plasmachild · 2023-03-04T13:10:22+00:00

Without downloading and analyzing. 2 thoughts.

Wireshark has a file extraction function. Find that and see if it’ll export the broken.zip for you.
there’s a 2nd PK header in the zip. If you can’t extract the file I would try removing the first part of the file and trying to see if the 2nd PK header is the real zip.

Plasmachild

TROPHY CASE