Dino

GitHub - Mojo8898/aliasr: Aliasr is a modern, feature-rich TUI launcher for penetration testing commands inspired by Arsenal, but with significantly improved functionality. Aliasr is a modern, feature-rich TUI launcher for penetration testing commands inspired by Arsenal, but with significantly improved functionality. - Mojo8898/aliasr

github.com/Mojo8898/ali... - very cool #redteam tool, handy when your syntax is maybe a little off or you just want an improved chance of staying ahead. either way very cool to play around with for CTF

#cyber #cybersecurity

Why is Everyone So Wrong About AI Water Use?? YouTube video by Hank Green

www.youtube.com/watch?v=H_c6... Solid watch for any folks interested in AI water useage. It is pretty interesting how you could get an honest answer that is both insanely big and insanely small and it just matters how the person crunched the numbers.

#AI #LLM

How to operationalize the OWASP LLM top 10 and (actually) secure GenAI apps Deploying LLMs without chaos means treating the OWASP LLM Top 10 like an engineering spec. Learn how to turn each risk into real controls, harden pipelines, and secure GenAI apps.

www.hackthebox.com/blog/operati... - Solid read on operationalizing OWASP security recommendations.

#Cybersecurity #AIsecurity

0. AI Security Overview – AI Exchange Comprehensive guidance and alignment on how to protect AI against security threats - by professionals, for professionals.

owaspai.org/docs/ai_secu... Some solid AI security resource from the OWASP AI exchange.

#cybersecurity #OWASP #AI #AIsecurity #LLM

GitHub - Maldev-Academy/DumpBrowserSecrets: Extracts browser-stored data such as refresh tokens, cookies, saved credentials, credit cards, autofill entries, browsing history, and bookmarks from modern... Extracts browser-stored data such as refresh tokens, cookies, saved credentials, credit cards, autofill entries, browsing history, and bookmarks from modern Chromium-based and Gecko-based browsers ...

github.com/Maldev-Acade... - Really cool tool for any Red teamers looking to dump browser credentials. Take a look and thank the folks over at Mal Dev academy.

#cybersecurity #redteam #offensivesecurity

arcanum-sec.github.io/arc_pi_taxon... - Cool tool from Arcanum security building out different prompt injection classifications and some fun ideas if you are looking to test for some things.

www.ste.gg - Awesome new tool from the folks at BT6! if you have any quick and dirty stego needs

#cybersecurity #cyber

IBM AI ('Bob') Downloads and Executes Malware IBM's AI coding agent 'Bob' has been found vulnerable to downloading and executing malware without human approval through command validation bypasses exploited using indirect prompt injection.

www.promptarmor.com/resources/ib... - This is a pretty great write up on AI agent running ransomware keep a good eye on your agents

#AIsecurity #LLMsecurit #cybersecurity #ai

leakhub.ai - pretty neat new site from Pliney the hacker for leaked AI system prompts

#AI #LLM #cybersecurity

OWASP Top 10 LLM Security Risks with Mitigation OWASP Top 10 LLM Security Risks: An interactive diagram maps each risk, attack path, and concrete mitigation you can explore to secure AI systems in production

www.paloaltonetworks.com/resources/in... This is a pretty awesome Infographic from @paloaltonetworks.com on OWASP top 10 for LLM security risks. #LLM #AI #Security #Cyber

It be like that.... more than sometimes. #cybersecurity #Redteam #EDR

It be like that.... more than sometimes. #cybersecurity #Redteam #EDR

AI Privacy Course | HTB Academy This module explores privacy attacks against machine learning models and the differential privacy defenses that protect models from such attacks.

academy.hackthebox.com/course/previ... Some really interesting courses dropping from HTB on AI privacy and defense today!

#LLM #privacy #AI

How We Caught Lazarus's IT Workers Scheme Live on Camera See how Lazarus Group's IT workers scheme was exposed on a live camera using real-time monitoring inside ANY.RUN’s sandbox.

any.run/cybersecurit... THIS is such a cool analysis inside the Lazarus groups operations #cyber #cybersecurity #malware

Humble Tech Book Bundle: Hacking by No Starch Turn your curiosity about computer hacking into a fast-paced, proven, and practical career with the latest Humble Tech Book Bundle!

There’s a new Humble book bundle featuring a set of No Starch Press books on Hacking. For a limited time, pay what you want AND support EFF’s fight for privacy and free speech online! www.humblebundle.com/books/hacki...

It will only be weird for like a year that every new ransomware discovery gets tagged as "Satoru Gojo" #cybersecuirty #meme

Threat Watch: Spotting Kerberoasting from a blue team perspective | Learn with HTB YouTube video by Hack The Box

www.youtube.com/watch?v=pRij... - This was a really really good break down on Kerberoasting for Blue Teams highly recommend to any folks looking to understand how to triage a Kerberoasting attack.

#cybersecurity

www.exploit-db.com/google-hacki... Kind of neat I didn't know Offsec kept a database of useful google dorks

#cybersecurity #OSINT

Man these @groktr.bsky.social upgrades are sick clearly not kissing ass at all #ai #llm #memes

GitHub - Pennyw0rth/NetExec-Lab: Lab used for workshop and CTF Lab used for workshop and CTF. Contribute to Pennyw0rth/NetExec-Lab development by creating an account on GitHub.

github.com/Pennyw0rth/N... I feel a netexec theme today apparently. This is a netexec lab you can build to play around with Active directory. may be worth a shot if you are practicing for OSCP or just want to level up AD #ActiveDirectory #RedTeam #Netexec

Home Dominate Active Directory with PowerShell. . Contribute to The-Viper-One/PsMapExec development by creating an account on GitHub.

github.com/The-Viper-On... Pretty cool tool if you are doing red teaming from a windows host. Great to add in for Commando VM from Mandiant #redteam #cyber #tool Basically it is crackmap/netexec just built in Powershell.

Practical SOC Analyst Professional (PSAP) Certification - TCM Security Enhance your SOC Analyst skills by earning the Practical SOC Analyst Professional (PSAP) certification. Includes training and one free retake!

@tcmsecurity.bsky.social just dropped their new SOC200 course great for anyone looking to build labs and get better at incident response and threat hunting.

certifications.tcm-sec.com/psap/?utm_so...

AI Red-Teaming Design: Threat Models and Tools | Center for Security and Emerging Technology Red-teaming is a popular evaluation methodology for AI systems, but it is still severely lacking in theoretical grounding and technical best practices. This blog introduces the concept of threat model...

cset.georgetown.edu/article/ai-r... - Great article on Ai Red teaming #Cybersecurity #AI #AIsecurity

State of Exploitation - A look Into The 1H-2025 Vulnerability Exploitation & Threat Activity | Blog | VulnCheck A Look into the Last 6-months of Vulnerability Exploitation… January-June 2025

www.vulncheck.com/blog/state-o... some great threat intel from Vulncheck

The Everyday American Who Hustled for North Korea The Journal. · Episode

open.spotify.com/episode/1fEa... - North Korean's inflitrating US companies for cash is pretty big news right now and also pretty fascinating. This story is about one of the folks who manage a north Korean laptop farm and its pretty interesting.

#Cybersecurity #Laptopfarm

www.hackthelogs.com/mainpage.html Another great resource for Detection Engineers and anyone working with SIEM's

#Cybersecurity

Cross-Site Scripting (XSS) Cheat Sheet - 2025 Edition | Web Security Academy Interactive cross-site scripting (XSS) cheat sheet for 2025, brought to you by PortSwigger. Actively maintained, and regularly updated with new vectors.

Really cool one for anyone in Appsec or red team awesome XSS cheat sheet from PortSwigger.

portswigger.net/web-security...

#Cybersecurity #Cheatsheet #Appsec

hopefully they do better than the City of Columbus did during their ransomware incident last year.

Top CVE Trends & Expert Vulnerability Insights Stay ahead with the latest insights on trending vulnerabilities. Discover today's top 10 CVEs on social media. Get free and expert commentary from Intruder

cvemon.intruder.io - Great tool for any folks in Vulnerability Management. Helpful to see whats going on in CVE's.

#VulnManagement #cybersecurity

AI Red Teamer Job Role Path | HTB Academy The AI Red Teamer Job Role Path, in collaboration with Google, trains cybersecurity professionals to assess, exploit, and secure AI systems. Covering prompt...

academy.hackthebox.com/path/preview... - Killer resource for anyone in Cybersecurity looking to level up their skills on AI security!

#AIsecurity #cybersecurity #redTeam