I posted about a blog post I'd seen on SSH authorized keys command earlier in the week, but the more I think about it, the more I think it'd make a great persistence mechanism.

On a given day, it picks a place to fetch a key from based on a DGA or similar. If the host responds with a public key, the attacker can log in with the corresponding private key and if not it silently fails. Or, you could just use the same approach to run a specific command to for example reset the root password.

Something to watch out for in the future.

#linux, #redteam

Day 1 of posting to social media until I get an offensive security research job

First, I’m going to start with what I know – Windows. I need to recreate what I had access to at Microsoft, so that starts by setting up a dev environment and finding a copy of Windows System Internals, perhaps the greatest resource for learning Windows out there. My expertise is in Windows and virtualization, so I’m going to make sure I master those areas.

Next, I don’t think I want to grind coding exercises, but I do need to shake the rust off my coding skills. I think I’m going to start with some HackTheBox challenges and find some CTFs to participate in.

Finally, my long overdue goal: learn Rust. I’m not sure if this will help immediately, as I could choose to improve my knowledge of Python. But Rust was getting more and more popular in the areas of Windows I was tasked with protecting, so I need to learn what all the fuss is about with regards to memory safety.

If anyone is on a similar journey, let’s hold each other accountable in the comments! I will be sure to document any write-ups at blog.maxrenke.com (work in progress).

New Open-Source Tool Spotlight

Nuclei Templates by ProjectDiscovery: a repository of community-curated YAML templates enabling the Nuclei engine to identify application vulnerabilities. It’s modular, covers CVEs, misconfigurations, and more. #CyberSecurity #OpenSource

Project link on #GitHub https://github.com/projectdiscovery/nuclei-templates

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

Test bench lab for Shellcode Obfuscation

https://github.com/dobin/ShellcodeObfuscationLab

New Open-Source Tool Spotlight

Google's MCP Security repo integrates various security solutions like Chronicle, GTI, SOAR, & SCC via Model Context Protocol servers. Flexible deployment options make it easy to adapt to diverse environments. Documentation is thorough—local Sphinx builds supported. #CyberSecurity #DevOps

Project link on #GitHub https://github.com/google/mcp-security

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

A collection of over 1000 Git repositories with tools for IT security/infosec. Caution, there will be malware

https://github.com/r1cksec/cheatsheets/blob/main/url/git-tools

A post about how to bypass Microsoft Defender for Identity (MDI) by adjusting ciphers in Certipy's PKINIT requests

https://research.aurainfosec.io/pentest/modifying-certipy-to-evade-mdi-pkinit-detection/

A post about how the Microsoft Deployment Toolkit (MDT) can be used for offensive operations

https://trustedsec.com/blog/red-team-gold-extracting-credentials-from-mdt-shares

New Open-Source Tool Spotlight

ScareCrow: A framework for crafting payloads designed to bypass Endpoint Detection and Response (EDR). It flushes EDR hooks in DLLs using methods like `VirtualProtect` & indirect syscalls, ensuring stealth execution. Written in Go, it even uses obfuscation tools like Garble. #CyberSecurity #MalwareDevelopment

Project link on #GitHub https://github.com/Tylous/ScareCrow

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

New blog post! It's a rather short one, nothing crazy. Just wanted to share a random finding I made recently.

'Hijacking the Windows "MareBackup" Scheduled Task for Privilege Escalation'

https://blog.scrt.ch/2025/05/20/hijacking-the-windows-marebackup-scheduled-task-for-privilege-escalation/

New Open-Source Tool Spotlight

"Living off the Land" tactics are a core part of modern offensive and defensive cybersecurity. The GitHub repo 'Awesome LOLBins and Beyond' aggregates tools/resources like LOLBins, GTFOBins, and macOS LOOBins. Essential for red teams and threat hunters. #CyberSecurity #RedTeam

Project link on #GitHub https://github.com/sheimo/awesome-lolbins-and-beyond

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

A post that showcases an example of initial access phishing

https://lorenzomeacci.com/advanced-initial-access-techniques

A blog post that shows how ServiceNow’s MID server and admin features can be used by red teams

https://www.mdsec.co.uk/2025/03/red-teaming-with-servicenow/

New Open-Source Tool Spotlight

Living Off the Land (LOL) techniques exploit legitimate tools for malicious purposes. This GitHub repo curates an impressive list of methods and resources attackers use across endpoints, cloud services, and more. Great for defenders seeking to enhance detection strategies. #Cybersecurity #Infosec

Project link on #GitHub https://github.com/danzek/awesome-lol-commonly-abused

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine

https://github.com/synacktiv/Invoke-RunAsWithCert

Cybersecurity Roles & Domains: Where Do You Fit In?

Cybersecurity isn’t one-size-fits-all — it includes a wide range of roles and domains, each with unique skills and responsibilities.

Whether you enjoy coding, problem-solving, analyzing data, or working with policy — there's a role for you in cybersecurity.

Disclaimer: This content is for educational and career guidance purposes only.

A high-severity vulnerability in Visual Studio Code that allows attackers to escalate a Cross-Site Scripting bug into full Remote Code Execution

https://starlabs.sg/blog/2025/05-breaking-out-of-restricted-mode-xss-to-rce-in-visual-studio-code

New Open-Source Tool Spotlight

ProjectDiscovery’s **Naabu** is a fast, lightweight port scanner built in Go. Key features: SYN/CONNECT/UDP scans, Shodan InternetDB integration for passive enumeration, IPv4/IPv6 support, and seamless Nmap service discovery. Ideal for bug bounties & pentests. #PortScanning #Cybersecurity

Project link on #GitHub https://github.com/projectdiscovery/naabu

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

Last chance: today is the final day to get Early Bird pricing for all @blackhatevents courses. Prices go up after tonight.

Register today before prices increase:
https://blackhat.informafestivals.com/usa/2025/

Join us for:

Advanced Threat Emulation: Active Directory
Hands-on training in Kerberos abuse, credential dumping, and multi-domain compromise.
Aug 2–3: https://www.blackhat.com/us-25/training/schedule/#advanced-threat-emulation-active-directory-43759
Aug 4–5: https://www.blackhat.com/us-25/training/schedule/#advanced-threat-emulation-active-directory-437591736893489

Advanced Threat Emulation: Evasion
Learn how to evade EDR, obfuscate payloads, and stay stealthy in real-world lab environments.
Aug 2–3 and Aug 4–5 (same links as above)

Aviation Systems & ICS Security Bootcamp
Four days of hands-on ICS and aviation security, from MIL-STD-1553 to PLC exploitation.
Aug 2–5: https://www.blackhat.com/us-25/training/schedule/#aviation-systems-and-ics-security-bootcamp-44469