Ian

@ark0x00

Threat Hunt Analyst @ BlueVoyant | Former Military | Old Punk and Snowboarding Junky | Simracer

89
Followers
271
Following
17
Posts
22.11.2024
Joined

Latest posts by Ian @ark0x00

It’s all about using it as a tool to learn. Verify everything, treat results with suspicion but allow it to help. AI is a tool and we have to be sure we’re using it to our advantage.

06.03.2026 18:59 👍 1 🔁 0 💬 0 📌 0

I’m all in on Agentic Threat Hunting and Malware analysis. Let’s goooo

Any questions? Let me know!

06.03.2026 18:50 👍 0 🔁 0 💬 0 📌 0
‘A different set of rules’: thermal drone footage shows Musk’s AI power plant flouting clean air regulations
Images confirm xAI is continuing to defy EPA regulations in Mississippi to power its flagship datacenters

www.theguardian.com/environment/...

16.02.2026 19:25 👍 1388 🔁 684 💬 68 📌 28

It’s real shitty how some high-level people in our industry had ties to one of the worst people imaginable. 😡

15.02.2026 15:13 👍 4 🔁 2 💬 0 📌 0
“In less than a year, DHS has attacked the 1st, 2nd, 4th, 5th, 6th, 8th, 10th, 14th amendments to the US Constitution, the writ of habeas corpus, the independent judiciary, and much more,” states @David_J_Bier before the Senate Judiciary Subcommittee. 🗽

Read full testimony: ow.ly/PoUQ50Yfc34

15.02.2026 15:16 👍 170 🔁 129 💬 3 📌 9
spongebob says well good luck with that in a cartoon
Alt: spongebob standing with a confused look and then abruptly changes his demeanor to happily say "well good luck with that." Then raises his hand and says "see ya!" Before walking away.

Them: we can deploy AI that will scale our mission and people will pay us so much money it will replace other parts of our revenue pipeline!

Me:

11.02.2026 04:17 👍 1 🔁 1 💬 0 📌 0

I hope these fuckers burn.

03.02.2026 16:21 👍 0 🔁 0 💬 0 📌 0
> Notepad++ says infra compromised
> Suspects Chinese state-sponsored hackers
> "Why would China hate Notepad++????"
> Look inside

02.02.2026 15:45 👍 59 🔁 16 💬 1 📌 0

I wrote a Sobriety Tracking and Motivation app yesterday for those of us trying to quit really anything. For me I hope it can help me stop the Camel Snus habit I picked up after I quit smoking some 15 years ago… Will get it on the stores today

github.com/hartescout/s...

01.02.2026 17:30 👍 0 🔁 0 💬 0 📌 0

I found the first investigative file from the first complainant against Epstein in 2005.

There are descriptions from the officer, over several interviews of the girl, of her pulling her knees up on the chair, drawing doodles, & the officer high-fiving her to keep her calm as she speaks of horror.

31.01.2026 20:57 👍 3008 🔁 1236 💬 49 📌 194

Here's a thread that you should all read, even though it will make you want to punch a wall

31.01.2026 22:21 👍 679 🔁 255 💬 20 📌 6

This is just insane. It’s only a matter of time before DHS kills another innocent person here.

(clip via MPR and @davidjbier.bsky.social on X)

31.01.2026 18:13 👍 29295 🔁 13269 💬 1767 📌 1199
How to Film ICE
Filming federal agents in public is legal, but avoiding a dangerous—even deadly—confrontation isn’t guaranteed. Here’s how to record ICE and CBP agents as safely as possible and have an impact.

granular, practical, well organized info here:

www.wired.com/story/how-to...

31.01.2026 22:25 👍 5718 🔁 2955 💬 145 📌 101
U.S. Reaches Trade Deal with Pedotopia

Not sure how @theonion.com stays on top of breaking news like this but the print edition just showed up at my house with this:

30.01.2026 21:17 👍 3791 🔁 569 💬 39 📌 12
Christmas sweater that says "Disappointments, All Of You" with DeJesus in the background

09.12.2025 02:42 👍 0 🔁 0 💬 0 📌 0

Working on React2Shell has proven frustrating. Fuck this shit imma play some @arcraiders.bsky.social

09.12.2025 02:40 👍 1 🔁 0 💬 0 📌 0

If you're an IT admin here's a few things you can check before your next internal pentest...

- credentials in unattend.xml files purged
- local admin rights for regular users removed
- edr installed on EVERY host

🧵 1/2

19.03.2025 14:12 👍 8 🔁 1 💬 1 📌 0
Wired is dropping paywalls for FOIA-based reporting. Others should follow
As the administration does its best to hide public records from the public, Wired magazine is stepping up to help stem the secrecy

They're called public records for a reason. Starting today, WIRED will *stop paywalling* articles that are primarily based on public records obtained through the Freedom of Information Act, becoming the first publication to partner with @freedom.press to offer this for our new coverage.

18.03.2025 13:11 👍 91889 🔁 23503 💬 1639 📌 2079
Post image

12.03.2025 02:29 👍 54161 🔁 10854 💬 815 📌 697

#100DaysOfKQL

Day 69 - Potential Terminal Server or TermService Tampering via RDPWrap

The virus I have caught up to my family yesterday and it was not possible for me to post a query. Hopefully we'll get through it soon.

#MissedStreak

github.com/SecurityAura...

12.03.2025 02:08 👍 1 🔁 1 💬 0 📌 0
If you're going to @bsidessd.bsky.social, come say hi.

10.03.2025 11:51 👍 2 🔁 2 💬 0 📌 0

Say what now?

12.03.2025 20:22 👍 0 🔁 0 💬 0 📌 0
Joe Brinkley aka The Blind Hacker by Phillip Wylie Show

Summary

In this episode, Joe Brinkley, also known as the blind hacker, joins Phillip Wylie to discuss his hacker origin story and offer advice for breaking into offensive security and pen testing. They also explore the commoditization of pen testing, the evolution of the industry, and the challenges of testing complex environments. Joe shares his insights on the different generations of hackers and the role of automation and AI in pen testing. He also talks about his work with the Mentor Village and offers resources for those interested in starting their own cybersecurity brand or company.

Takeaways

- Joe Brinkley, also known as the blind hacker, shares his hacker origin story and offers advice for breaking into offensive security and pen testing.
- The commoditization of pen testing has led to a shift in the industry, with companies seeking budget-friendly alternatives and rotating vendors frequently.
- Automation and AI play a significant role in pen testing, allowing for faster and more efficient testing, but human expertise is still crucial for in-depth analysis and finding vulnerabilities that automated tools may miss.
- The industry is currently in the sixth or seventh generation of hackers, with increased access to education and tools, but also more complex environments to test.
- Joe Brinkley is actively involved in the Mentor Village, offering mentoring, education, and resources to those interested in cybersecurity.
- He encourages individuals to build their own cybersecurity brand and consider starting their own cybersecurity company, emphasizing the importance of branding and networking in the industry.

Sound Bites

- "I don't care who you go to, learn something."
- "Long-term security is the value we provide"
- "People are looking for a budget-friendly alternative because compliance and insurance now require yearly security activities."

Resources

- https://www.linkedin.com/in/brinkleyjoseph/
- https://x.com/TheBlindHacker
- https://x.com/deadpixelsec
- https://deadpixelsec.com/

Chapters

- 00:00 Introduction and Background
- 06:24 Advice for Breaking into Offensive Security
- 10:39 The Commoditization of Pentesting
- 15:53 The Impact of Compliance and Cyber Insurance
- 22:03 Challenges Faced by Practitioners in Limited Time Windows
- 25:33 The Evolution of Hackers and Accessibility of Education and Tools
- 30:36 The Role of Automation, Orchestration, and AI in Modern Pentesting
- 36:23 Building Cybersecurity Brands and the Mentor Village
- 41:14 Conclusion
- 41:52 Phillip Wylie Show Outro

Joe Brinkley aka The Blind Hacker podcasters.spotify.c...

12.03.2025 16:04 👍 3 🔁 2 💬 0 📌 0
GitHub - mattifestation/WDACTools: A PowerShell module to facilitate building, configuring, deploying, and auditing Windows Defender Application Control (WDAC) policies

If you wish to inspect an on-device (binary) policy file, you'll need WDACTools: github.com/mattifestati...

With this, you can run ConvertTo-WDACCodeIntegrityPolicy to get a stripped-down human-readable XML policy.

12.03.2025 13:18 👍 3 🔁 1 💬 1 📌 0

#100DaysOfKQL

Day 45 - Potentially Renamed Binaries

A bit different today where I'm giving you the base KQL recipe to accomplish something and provide an example.

Credit goes to @falconforceteam.bsky.social FalconFriday which helped me get set_has_element() right.

github.com/SecurityAura...

15.02.2025 03:11 👍 2 🔁 1 💬 1 📌 0
Forging modern security with Microsoft Security Copilot
Discover how Microsoft Security Copilot modernizes security operations and defense intelligence through Generative AI and Microsoft’s Threat Intelligence. A fusion of innovation, vigilance, and adapta...

Today at 5pm in the Javits Center I'll be talking about Forging modern security with Microsoft Security Copilot. I hope you can join!

aitour.microsoft.com/en-US/sessio...

#MSAITour

30.01.2025 19:33 👍 1 🔁 1 💬 0 📌 0
Incoming blog

30.11.2024 18:40 👍 5 🔁 1 💬 0 📌 0

learned “cd” before I learned about CDs

30.11.2024 01:02 👍 183 🔁 2 💬 3 📌 2
AzSentinelQueries/Defender XDR/DefenderForIdentityInventory.md at master · f-bader/AzSentinelQueries
Repository with Sentinel Analytics Rules, Hunting Queries and helpful external data sources. - f-bader/AzSentinelQueries

Use exposure management data in #XDR to find all domain controllers and check if #MDI is installed.

29.11.2024 18:30 👍 28 🔁 7 💬 2 📌 0