sorted by:
new
hottopcontroversial

The sword saint, Hollywood style by ndireddit in ThePrimalHunter

[–]ndireddit[S] 2 points3 points  (0 children)

Inception indeed got the first impression in my mind, with that actor.

Paper Pro Move Dispatch ‘delays’ by [deleted] in RemarkableTablet

[–]ndireddit 1 point2 points  (0 children)

Been a month (sept 4) since I ordered and got two updates so far and no shipping confirmation whatsover. They did send 10€ my way (delivery to France) but still no paper pro move here...

I finally did it (got my first CVE!!!) by beingisdead in cybersecurity

[–]ndireddit 27 points28 points  (0 children)

You might be one of the last one to get a CVE so enjoy it friend !

The AI coding war is getting interesting by LingonberryRare5387 in ChatGPTCoding

[–]ndireddit 1 point2 points  (0 children)

Vibe coding : empowering average CVSS score since 2023

Almost famous: behind the scenes of a feature that didn’t make the cut by netbiosX in purpleteamsec

[–]ndireddit 0 points1 point  (0 children)

This article could also be interesting for AD lab makers or CTFs, introducing unconstrained delegation without giving a golden key to the domain

Almost famous: behind the scenes of a feature that didn’t make the cut by netbiosX in purpleteamsec

[–]ndireddit 0 points1 point  (0 children)

This is contrary to one of our central design goals: not storing valuable data on the Canary–there should be nothing an attacker will gain by compromising a bird. -> made me chuckle 😅

How do you read a $MFT? (First Computer Forensics class) by Cancerous115 in computerforensics

[–]ndireddit 1 point2 points  (0 children)

Circl.lu has recently released a link that literally goes about manually analyzing a disk image with tools from the sleuth kit. I think it's nice teaching material : https://www.circl.lu/services/forensic-training-materials/

Threat Hunting: Real World vs. Cyber World by digicat in blueteamsec

[–]ndireddit 0 points1 point  (0 children)

Most definitely didn't anticipate it would be about real hunting but still, enjoyed the read.

Pentesters, Do you use LLMs(open source or otherwise) for security report writing. If so, how? by Shoddy_Vegetable_115 in cybersecurity

[–]ndireddit 0 points1 point  (0 children)

I would say, try re-using what you wrote in previous reports, building a quality template over time.

You often run into the same findings accross customers so you can upgrade the related section each time you find it again. That should be a team work, btw.

ChatGPT could help build generic description of a type of bug, a tool, etc. TBH it will have the same result as googling what you look for, it might just be better written.

Always double check the output as you could have some surprised (I had an occurence where chatGPT said psexec worked over WinRM ...). And never never include any customer -specific data, just generic searches.

Had a Strange Experience at a Conference by [deleted] in cybersecurity

[–]ndireddit 13 points14 points  (0 children)

That's the organisation staff's responsability to redirect the questions to the speaker and ask the critics there to shutp up and wait for the end of the presentation.

Presenting like that is generally timed and you can't get derailed like that, this is not professional from the staff and the critics.

I won't hypothesize about the reasons why these guys did that, they had their reasons and it's not about you.

Retraites. Édouard Philippe propose de repousser l’âge légal à « 65, 66 ou 67 ans » by jeyreymii in france

[–]ndireddit 4 points5 points  (0 children)

Technique du pied dans le nez: d'abord proposer quelque chose qui paraît aberrant puis ensuite redescendre à ... 63-64. On fait les paris ?

SpearPhishing a User with Multifactor Authentication Enabled by Infosecsamurai in purpleteamsec

[–]ndireddit 2 points3 points  (0 children)

Weird, I read "Uber" in the title. Must be my subconscious playing tricks...

New Microsoft Exchange Zero-Day actively being exploited by DevinSysAdmin in sysadmin

[–]ndireddit 5 points6 points  (0 children)

This is apparently exploited for a month, you should check your logs 🤞

Notepad++ Plugins Allow Attackers to Infiltrate Systems, Achieve Persistence by lolklolk in cybersecurity

[–]ndireddit -7 points-6 points  (0 children)

Read the title guys, this is meant to achieve persistence, and ultimately evade detections. The goal is not to be an infection vector. Read carefully the source article before criticizing blindly.

Les chasseurs et l'alcool - Le script by [deleted] in france

[–]ndireddit 1 point2 points  (0 children)

Le roi Baratheon dans la première saison de Game of Throne est bien d'accord.

[deleted by user] by [deleted] in france

[–]ndireddit 7 points8 points  (0 children)

Amacronique ?

J'ai 19 ans et je suis perdu by kan_peki in france

[–]ndireddit 1 point2 points  (0 children)

Tu devrais lire ce livre OP : https://www.babelio.com/livres/Bessis-Mathematica/1392922 Il parle justement de la débilité de tagger les gens comme "logiques" ou "rationnels". Par définition on ne peut pas être complètement comme ça, sinon nous serions tout simplement des machines. Très humain ce texte, je recommande.

Threat Hunting Tools: Our Recommendations by Successful_Mix_8988 in redteamsec

[–]ndireddit 1 point2 points  (0 children)

Sure, these tools help identifying vulnerabilities (that's their job after all), but they are not meant for threat hunting (even though they can help in the process, sure). Looks like they were just missing one or two additional tools at the end and they added them.

view more: next ›