johnhammond.bsky.social
Hacker. Friend. Cybersecurity Researcher at Huntress.
63 posts 7,367 followers 28 following

DLL hijacking with the native and built-in Windows utility Dism.exe -- simple MessageBox and obligatory reverse shell demo, then some handy penetration testing resources for tricks and opportunities with other programs :) youtu.be/uY8BpZBF2f0

Unmasking cybercriminals? 🤔 @flaresystems's next free training is on 3/18 at 11am ET and they asked me to help spread the word – honestly I’d share this one anyway, it’s too cool 😅 They even have @fs0c131y joining the party! OSINT & more, register here: jh.live/flare-academy

I got a chance to try the TryHackMe SOC Simulator, and it is super cool -- here's a lil' video showcase working through the first scenario 😎 The full version is available with TryHackMe for Business but there are scenarios available for free users too! youtu.be/dIu0bvtGbmU

The Snyk Fetch the Flag CTF event kicks off TOMORROW 🥳 February 27th, 9:00 AM EST, join the fun for a Jeopardy-style game and sweet prizes like a Quest 3S headset. Honestly I really love the challenges we have for this one, I hope you join the party: https://snyk.co/johnftf

hello it's me AGAIN with MORE Snyk Fetch the Flag CTF preaching -- the game I'm hosting with @snyksec on February 27th! This time we have challenges with... plants??? Wait, is there even a vulnerability in this one?? Find out THIS THURSDAY! Register here: 😄 https://snyk.co/johnftf

Oh PS, I got to chat with @0xLupin a bit ago to hear all of his crazy cool supply chain horror stories! 🤩 Wild vulnerabilities and insane potential impact bugs, adventures with his budding tool Depi, and just seriously cool research: https://youtu.be/9EHW9_S1p9o

The Talon debloater tool for Windows released a few days ago had some surrounding chatter on "is it malware?"... so this video is a casual exploration of the code. Food for thought at the end, so I'll ask you if it's really considered malware or not 😜 https://youtu.be/1VdscQ8QCkY

Another lil’ challenge preview for the Feb 27th Snyk Fetch the Flag CTF event! 😜 Find and exploit vulnerabilities at the D0nut Shop and capture that flag – maybe get a donut while you’re at it! Feb 27th, 12 hour game, all online and completely free: https://snyk.co/johnftf

Whoops, yet another hype tweet for the Snyk Fetch the Flag CTF that I'm co-hosting with @snyksec this year! February 27th, try your hand against the Open Source Unfurler! 👀 Pulling metadata from any URL must have some security concerns, right? Register to see for yourself: https://snyk.co/johnftf

Super cool to see @Microsoft joining forces with members of the scam fighting community to build out the new scareware blocker in @MicrosoftEdge. Stops website popups that lead to all too common tech support scams -- awesome feature and great mission! https://youtu.be/hApyhYYxOyU

Quick showcase disabling the Windows+R hotkey -- preventing opening the Run dialog box and helping limit the ClickFix malware attack surface! Though the video is longer than just that... I chat about all the reCAPTCHA craziness and conundrum... 👀🙃 https://youtu.be/Wm0kqSlyEjE

A TikTok user has been repeatedly posting clips and videos on how to "activate software" like ChatGPT, Office 365, CapCut, Adobe Premiere and more... but in all reality, tricking victims into running infostealer malware. 👀 https://youtu.be/03FPDBjpsKo

Another teaser for the Feb 27th Snyk Fetch the Flag CTF event I'm co-hosting with @SnykSec this year! See what shenanigans you can uncover with the "Robco Industries (TM) Termlink" and try and track down a flag -- once the game starts! Register here: 😊 https://snyk.co/johnftf

The "Linux for Hackers Fundamentals" course that I put together is now on presale on @HackingHub_io for just $20 (instead of $50)! 💻🎉 If you’d like you can snag it here: http://hhub.io/jhlff PS, we’re doing a cheesy free giveaway for 3 winners! Comment below and we'll DM the winners on Monday 😜

Simple showcase "backdooring local git repositories" with git hooks for commits, merges, pushes & more, and git aliases for a peculiar approach of almost "typo squatting" mistakes on the command-line... all for a nifty persistence mechanism! https://youtu.be/Y93E37o5geE

Windows Batch malware analysis that turns into more than we bargained for -- multiple payloads and stages across PowerShell, VBScript, .NET (breaking AMSI and ETW 👀) ending with a RAT and decrypting the config that brings us right back full circle 😎 https://youtu.be/sznUqJHlzUo

Some teasers for the Snyk Fetch the Flag CTF event that I’m co-hosting alongside @SnykSec this year! 😉 Test your skill against VulnScanner, and see if you can track down any vulnerabilities on the app itself! Game starts Feb 27 – I hope you play! 😄 https://snyk.co/johnftf

A scam scenario... from a SOC perspective! Worlds collide between scambait content and endpoint security education -- with a potential victim uncovered by the artifacts of what the scammer wrote in Notepad! 👀 We uncover everything in this super cool story: https://youtu.be/F4mXdm5dqrw

PS, I’m co-hosting the Snyk Fetch the Flag CTF event along with @SnykSec this year! 🤩 Super flattered for the opportunity to put on another game. Feb 27th, Jeopardy-style, 12 hour run & prizes like a Meta Quest S3 headset 👀 Please come play my CTF! 😁 👉 https://snyk.co/johnftf

Exploring a fake ChatGPT browser extension with some sketchy syntax to exfiltrate Facebook usernames and passwords -- the "FakeGPT" Lab from CyberDefenders! https://youtu.be/4HG2rwvhb-8

The recent fake Google Ads Homebrew malware shenanigans in video form -- we track down the payload from Wayback Machine (and/or VirusTotal), crack it open with Binary Ninja and uncover the AppleScript syntax to see the full AmosStealer payload 🙂 https://youtu.be/Nlnuk8W2A0Y

Hunting for Scam Popups 👀 Showcasing a handful of resources, including passive intel feeds for "scareware," and options for active hunting via malicious ads, typo-squatted domains, Google Dorks, etc... and pivoting to discover even more with URLscan! https://youtu.be/bOCe1N78QDo

Binary Ninja scripting tricks, a simple showcase of their BinaryView object with Python to easily pull out encrypted data and reimplement a loop to extract an embedded second stage payload -- in a previous SystemBC malware sample! 😁 https://youtu.be/kgyRiQqc1FU

Detection Engineering with Wazuh! A demo configuring Sysmon, reviewing event logs, building a proof-of-concept detection rule, and then leveling up with detectors for the DeerStealer malware. 🙂 https://jh.live/nSOqU1iX5oQ

Trying my hand at a "documentary style" video, much more narrative than a usual demo... "The State of Cybercrime [2024]", with highlights on the Redline Stealer takedown (Operation Magnus), the Snowflake breach, Scattered Spider, "The Com", and more 👀 https://jh.live/jan15-2025

BLOB Based Phishing Scams 👀 A DocuSign themed phish with some extra noteworthy bells and whistles, between how easily the lure is hosted and a cutesy trick to display the final credential harvester ;) https://jh.live/I9SDnshT3pk

Godot Game Engine Makes Malware 👀 Looking at a previous report from Check Point Research, and then cracking open Godot ourselves for a proof-of-concept download cradle in GDScript with a Havoc C2 demon agent for a callback 😈 https://jh.live/fV-pTu5T59M

Spying on Scammers 👀 This year's finale with my first foray into "scambait content" -- showcasing how scam call centers send fake invoice emails en masse... and uncovering what looks to be a business front to hide their scams 🤔 https://jh.live/n-31cfEZPu8

"I Stole My Own Reddit Account" -- a session hijacking demo! With background context on cookies, initial access via LNK cradle, running custom infostealer payloads in PowerShell, and a full account takeover that we explore with an anti-detect browser! 😈 https://jh.live/hdE4l6O_xXM