Andrew (@4ndr3w6s) 's Twitter Profile
Andrew

@4ndr3w6s

Senior Manager of Detection Engineering @HuntressLabs | Prev. Practice Lead, TAC (Purple Team) @TrustedSec | @SpursOfficial Super Fan - COYS!

ID: 857263281349767169

26-04-2017 16:01:08

1,1K Tweet

2,2K Followers

2,2K Following

Andrew (@4ndr3w6s) 's Twitter Profile Photo

🕵️‍♂️ Bridging criminal justice and detection engineering… I’m excited to share my latest blog with Huntress, where I merge my academic background in criminal justice with my passion for detection engineering. By applying criminological theories, we gain deeper insights into

Andrew (@4ndr3w6s) 's Twitter Profile Photo

Looks like John Hammond got turned into a Chess.com bot 🤖!! They might have nerfed his Elo, and even gave him a Magnus Carlsen obsession. 🤣 But at least the wit, jokes and sarcasm made the cut!

Justin Elze (@hackinglz) 's Twitter Profile Photo

This shouldn’t be a topic up for debate and also applies to pentesting. You need to know your tools which often requires looking at code and running them in a lab for observable IoCs.

Andrew (@4ndr3w6s) 's Twitter Profile Photo

💯 percent agreed! But… Wild how everyone’s focused on wiping payloads, but no one mentions cleaning up AD—things that got modified, deleted, or added. Like yeah, your tools are gone, but AD’s still wearing the scars.

Andrew (@4ndr3w6s) 's Twitter Profile Photo

Kerberos-KDCProxy Event 400: ‘An HTTP request was received.’ 🎉 After combing through Kerberos logs for ages, I’ve never felt more enlightened! 🤪

Andrew (@4ndr3w6s) 's Twitter Profile Photo

Late Friday blog drop! Huntress had some fun with #DefendNot by es3n1n 😈 This tool shows that defense evasion isn’t just about avoiding tools—it’s about bending them. Here’s how attackers turn your security products into blind spots. 🛡️ huntress.com/blog/defendnot…

Andrew (@4ndr3w6s) 's Twitter Profile Photo

“This leverages the Microsoft-Windows-DotNETRuntime ETW provider which is often 'patched' - but why would someone patch a provider they don’t think anyone is collecting data from?” 😈

Andrew (@4ndr3w6s) 's Twitter Profile Photo

Happy to finally share a new blog with Charlie Clark on our work revisiting the Kerberos Diamond Ticket.

✅ /opsec for a more genuine flow
✅ /ldap to populate the PAC
🆕 Forge a diamond service ticket using an ST

We finally gave it a proper cut 💎 huntress.com/blog/recutting…

Andrew (@4ndr3w6s) 's Twitter Profile Photo

Excited to be co-hosting the first onsite DEATHCon with just_a_lurker in Austin, TX. It’s happening 😈 Don’t miss this 🤘 eventbrite.com/e/deathcon-202…