subtee.bsky.social
My posts disappear

I love that you are here posting your political view from your easy chair… Your replies… post quotes Screenshots No one really cares, what you think… you know that? You’re like the dude in the easy chair, eating Cheetos watching the Olympics, seeing the ice skater fall “You gotta land that”

My 2017 BlueHat Slides github.com/secdev02/Talks I always loved BlueHat. Cause I could talk directly to engineers Who 1. Helped me see the scope challenges 2. Acknowledge my concerns But you simply won’t find more people who care than at MSFT “Battle of Hampton Roads” … no wooden ships

I think about this Team lol

“All My Rowdy Friends (Have Settled Down)” Or are directors Or founders Not me… Out here Get comfortable While we own your nation Everyone ignores us till we changed your mortgage interest. Cause my friends know… It’s just a database entry Bout to cause havoc just so you feel alive lol

All my rowdy friends are now at CrowdStrike I guess lol Anyone still want to just start a 5 person crew, that can rule the world?

New login New MFA enrollment Hmmm lol Never underestimate a curious analyst who cares about their customers and company

So… not so stealth in the snow are ya lol There are talks we’re never going to give as defenders Just saying…. “Every Contact leaves a trail” Keep up the great work, pretend you are invisible We totally aren’t watching So hard to hide in the snow 😎 Silver bracelets for the crossbar hotel

Most people have never watched Bret Victor’s Inventing on Principle So they miss the audience appreciation when he shows us the value of say, time travel debugging This is why nation states win. We put in focus and energy Time travel debug is OLD news my friend. We’ve been doing it for years.

Cyber Cloud Chamber Think about that for a moment

Early access closed Thank you for the feedback Details week of July 7 Thank you 🙏 to those who responded

An old story. About exposing corruption Bel and the Dragon Read it if you want. …But Daniel laughed and restrained the king from going in. “Look at the floor,” he said, “and notice whose footprints these are.” The king said, “I see the footprints of men and women and children.” Iykyk

Deception research & value isn’t that difficult. Abandon all “experts” and papers Focus on getting a signal. Get an attacker action to… 1. Make a DNS lookup? 2. Make an HTTP call? 3. Create an event, you can action? Simple stuff. Stop making it hard Set tripwires, smoke alarms, motion sensors

I think many of us sat / sit on some amazing exploits Like… Here’s a “perpetual” license key hack lol for CB OG 😎🤣 import hashlib m = hashlib.md5() m.update("yourserver") m.update("5000") m.update("2050-12-31") m.update("2050-12-31") m.update(m.hexdigest().upper()) m.hexdigest().upper()

My slides from 2016 BlueHat I remember thinking OH Shit, when I saw msbuild bypass Device Guard But I hope to encourage someone sitting on a great bug class. That is not detectable or preventable, cause it’s a feature Reach out to MSRC Share your work. It helps, even when you are scared

Like me and 3 other analysts at CIA have watched Rick Steves’ visit to Iran… More of this. It’s people. Stop making it so abstract and difficult. Travel more? Talk to Iranians who live here? CIA has a horrible past, with Iran, but maybe we can repair? Not bomb. m.youtube.com/watch?v=CYoa...

You know what’s amazing about US? We have folks here from EVERY SINGLE country on the planet. Many of us are on standby, we can be called to help translate. Lusoga to ? 😎 America is the world’s potluck. Our national treasure!?? Our people are from everywhere! CN & RU ? Don’t have this 😎

Watch Queenpins I was absolutely cackling out loud m.youtube.com/watch?v=v90Y... Just a low rated movie many of you would appreciate Coupon Fraud Like millions!! Watch it … it will lower your threshold for attacker IQ lol

m.youtube.com/watch?v=tKeI... “It is your sworn duty to harass, confound, and confuse the enemy to the best of your abilities”

Defend the national treasures at all costs Find it Watch it en.wikipedia.org/wiki/The_Tra...

Spoiler Alert But you should 100% watch Diamond Heist on Netflix Don’t care ? See thread

There are some basics @thinkstcanary.canary.tools Has found these 1. HTTP 2. DNS 3. Event / Action 3 is most interesting AWSApi key is built on this EntraID, Sensitive Command AD Sessions etc. If an attacker does X Think… smoke alarm tripwire Attackers can’t dance thru lasers .. nerd

People too often make deception hard. 1. “I’d never fall for that” 2. They try to build elaborate stories or MORE devices / accounts to manage and maintain … defenders don’t need MORE work 3. You want signal, tripwire, footprints in ash or snow. You want to know when an attacker visits That’s all
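The three signals named in the posts above (a DNS lookup, an HTTP call, an event you can action), as an added example that is not from the posts or from any product they mention. The zone `tripwire.example`, the secret, the log line layout and all function names are assumptions, and the log lines are constructed.

```python
import hashlib
import hmac
import re

SECRET = b"constructed-demo-secret"   # assumption: per-deployment secret
ZONE = "tripwire.example"             # assumption: a DNS zone the defender controls
PLACEMENTS = ["fileserver01:/finance/passwords.docx", "wiki:aws-runbook"]

def make_token(placement: str) -> str:
    """Stable, unguessable label for one bait placement (no state to maintain)."""
    return hmac.new(SECRET, placement.encode(), hashlib.sha256).hexdigest()[:16]

def bait_for(placement: str) -> dict:
    """The two lures to plant: a hostname (signal 1) and a URL (signal 2)."""
    tok = make_token(placement)
    return {"dns": f"{tok}.{ZONE}", "http": f"https://{ZONE}/t/{tok}"}

# DNS names are case-insensitive and resolvers may randomise case, so match with re.I.
DNS_RE = re.compile(r"([0-9a-f]{16})\." + re.escape(ZONE), re.I)
HTTP_RE = re.compile(r'"(?:GET|POST|HEAD) /t/([0-9a-f]{16})[ ?/]')

def detect(log_lines, placements):
    """Signal 3: turn any touch of a planted token into an actionable event."""
    known = {make_token(p): p for p in placements}
    events = []
    for line in log_lines:
        for kind, rx in (("dns", DNS_RE), ("http", HTTP_RE)):
            m = rx.search(line)
            if m and m.group(1).lower() in known:
                events.append({"signal": kind,
                               "placement": known[m.group(1).lower()],
                               "source": line.split()[0]})
    return events

# Constructed log lines: "<source ip> <rest>". Two real hits, two lines of noise.
SAMPLE_LOG = [
    "10.0.9.9 query A www.example.org",
    f"10.0.5.23 query A {make_token(PLACEMENTS[0]).upper()}.{ZONE}",
    '10.0.9.9 "GET /t/0123456789abcdef HTTP/1.1" 404',   # unknown token, ignored
    f'10.0.5.23 "GET /t/{make_token(PLACEMENTS[1])} HTTP/1.1" 200',
]

if __name__ == "__main__":
    for event in detect(SAMPLE_LOG, PLACEMENTS):
        print(event)
```

Because each token is derived from the placement name, an alert says which bait was touched without any extra accounts or devices to keep track of.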

One of the extraordinary features of ProjFS I never imagined Fuzzing files So. PRJ_GET_FILE_DATA_CB Allows you to return… We used it when I was at Thinkst, to alert on copy or open Howeva. Hook that shit up to an LLM that spits out bullshit file content! learn.microsoft.com/en-us/window...

I’ve built out my course. Deception By Design I’m looking for early access reviews 1. Deception principles & myths 2. Basic offense principles & defense where deception interactions intersect What attackers want What defense “provides” 3. Deception research 4. Spotting fakes. (red teams) 1/2

When I need inspiration I return to this talk … Many times m.youtube.com/watch?v=PUv6... It’s time well spent.

"A disgruntled IT worker who launched a cyber attack on his employer after he was suspended from work has been jailed." www.westyorkshire.police.uk/news-appeals...

Kasm Tech. Legit one of the coolest projects. Like Guacamole But better Community edition runs nice in a home lab over Tailscale/Wireguard

github.com/20urc3/golem

I had three people I greatly respect offer kind and encouraging words to me this week, and it really meant a lot. Never underestimate the power or importance of encouraging others. You can have a tremendous impact on someone’s life with just a few kind words.

fwd:cloudsec is around the corner! Don't miss these 3 talks from Datadog researchers Seth Sec, Katie Knowles, Greg Foss, and Anthony Randazzo. fwdcloudsec.org/conference/n... @sethsec.bsky.social @siigil.bsky.social @gregfoss.com

It's not a Friday, but I released a video this morning. It's about something really nice that my friend Adam Shostack is doing. If you find yourself no longer employed by the Fed due to cuts, chaos, etc. Adam is offering you a free seat in his upcoming training. www.youtube.com/watch?v=fPpp...

Dan Geer and I write on lawfare about AI and code security : www.lawfaremedia.org/article/ai-a...

@scottpiper.bsky.social Looking for an extra ticket for someone for fwd:CloudSec Next week You know of anyone that can’t use theirs? Or can you point me to a good place to ask? Thanks! Looking forward to the event

I was interviewed by the National Cryptologic Foundation on forensics in critical infrastructure (and a lot of other stuff!) and it was a very fun chat. They have an interesting assortment of interviews on their podcast and I really recommend you check them out: open.spotify.com/episode/5kzz...

www.bleepingcomputer.com/news/securit... Whole Foods supplier UNFI restores core systems after cyberattack

It's impressive how much crypto theft can be automated using ChatGPT to monitor wallets and then automatically pluck out currency. North Korean hackers automate crypto crime with ChatGPT cointelegraph.com/magazine/cha...

Get out of the kernel.. Will be effective, right about when I’m ready to retire in 15 years

I published two blog posts today! 📝🐫 First dives into how we're improving the way BloodHound models attack paths through AD trusts: specterops.io/blog/2025/06... Second covers an attack technique I came across while exploring AD trust abuse: specterops.io/blog/2025/06... Hope you enjoy the read 🥳

This repo is excellent for building a deception system. Attacker never expects some other driver signed by some other entity Craaaazy shit github.com/HyperSine/Wi...

There is attacking AI And Using AI to attack Different things. One is exceedingly more profitable Sure you can escape prompts in Claude. Cute. But fuzzing crypto libraries? For an interesting variety of NSA cng.sys flaw, have it write you some additional “tests” 1/2