Chris Elgee

Thanks again for having me, Red Siege fam!

Two good-looking avatars (one blinking) in the 2025 Holiday Hack game world

The 2025 SANS Holiday Hack is open!
www.sans.org/holidayhack

Shoot, I always blink when the photo's taken...

Yay for innovative phishing?

Is it "punching down" when vets/service members pick on the Air Force? (-:

SECURITY VS. DEFENSE: A VITAL DISTINCTION FOR THE HOMELAND The U.S. Army War College (USAWC) recently hosted its 2025 Homeland Defense Symposium, gathering experts to tackle the complex issues of defending the homeland. A key focus was clarifying the differen...

I know I'm a mil nerd when I get excited about a quote like:

"We want our military to be our servant - never our overseer."

It's one of those truisms those of us in uniform all feel but maybe never had the words to speak.

warroom.armywarcollege.edu/podcasts/sec...

Spotify notification of a new Bach album dropping

JSB finna drop some new beats! Umm, wait...

Called a healthcare facility today and got my call rejected with an error code. I was calling from my home SIP line.

Are orgs are starting to do reputation scoring for incoming calls?

Do you have a bunch of breach data that you're tired of grepping through every time? Sure. We all are!

Try Clickhouse! I went from ~10 min/query to 1-15 seconds. And it takes up less disk space!

gist.github.com/chriselgee/8...

THE MELTING POINT; GENERAL FRANK MCKENZIE, USMC, RETIRED On 3 February 2025, the U.S. Army Heritage and Education Center (USAHEC) hosted the former commander of U.S. Central Command, General Frank McKenzie, USMC, Retired, to discuss his book "The Melting Po...

"Any president has the right to make a wrong decision and the right to see that wrong decision executed by the US military to the best of their ability - even if it goes directly against military advice."
-GEN (Ret.) Frank McKenzie on military (a)politics

warroom.armywarcollege.edu/podcasts/the...

In case you didn't know, December was a long time ago

Encouraging to see directly from SECDEF:

"I'm proud to come alongside the 1.3 million uniformed members of the department who execute America's national security approach and do so with fidelity only to the Constitution and the rule of law, and that's all you can ask for," he said.

Warning—DeepSeek Is A Chinese Security Nightmare Come True Why you need to be very careful with this app.

DeepSeek: along with conversations, we collect cookies, device model, operating system, keystroke patterns or rhythms, IP address, and system language

🇨🇳 For security. 🇨🇳

www.forbes.com/sites/zakdof...

Sorry, should have left you the last line there, but I though just posting the breasts line would be weird. Feels like it's more obviously lyrics with two lines. (-:

A friend with breasts and all the rest

A friend who's dressed in leather

A friend in need is a friend indeed

No, states get a say in constitutional amendments

LinkedIn screenshot with text: Why Does This Shortcut Exist? 🤔 This shortcut is part of the Office key that Microsoft introduced on some of its keyboards a few years ago. The Office key replaced the usual right-hand Windows key, allowing quick access to Office apps. Here’s the full list: LinkedIn - CTRL + SHIFT + ALT + WIN + L Word - CTRL + SHIFT + ALT + WIN + W Excel - CTRL + SHIFT + ALT + WIN + X PowerPoint - CTRL + SHIFT + ALT + WIN + P Outlook - CTRL + SHIFT + ALT + WIN + O Microsoft Teams - CTRL + SHIFT + ALT + WIN + T OneDrive - CTRL + SHIFT + ALT + WIN + D OneNote - CTRL + SHIFT + ALT + WIN + N Yammer - CTRL + SHIFT + ALT + WIN + Y

Well TIL
www.linkedin.com/pulse/discov...

Sure yeah, we'd call that an assumed breach test. I'd still use Bloodhound for sure and toss in:
-Responder
-Digging through file shares
-Kerberoasting

Depends on scope/environment, but good starting points are:
- Externally exposed services (all MFA?)
- Bloodhound in Active Directory
- Scoutsuite for cloud assets

Screenshot of a text editor where only the word testtest is underlined as incorrect. Text: Personal strategery statement testtest

It warms my heart that strategery is part of our lexicon

If your test machine is a VPS, be sure to forward a local port to your instance, e.g.,
ssh elgee@hackyhackmachine -L 7171:127.0.0.1:7171

Then you can browse to localhost:7171 and see the results of EyeWitness' hard work!

Want to grab screenshots of lots of web hosts in one shot? EyeWitness is the thing. And if you have Docker installed on your testing machine, you don't need to install anything else. Grab the commands here:
gist.github.com/chriselgee/f...

Love you, Ron. Such an animal!

YOU try it (-:

An attempt at renaming a folder COM1 with an error stating, "The specified device name is invalid."

The year is 2025, and you still can't name a folder COM1 in Windows 11

What podscasts do you rely on to stay current in #infosec? For me:
- isc.sans.edu/podcast.html (short, techincal)
- thecyberwire.com/podcasts/dai... (less technical)
- risky.biz (feat. geopolitics!)
- www.cisecurity.org/insights/pod... (managerial)
- darknetdiaries.com (stories)

I've taken tips from you both. Thank you for your service!

Dialog box showing "You chose Married - Filed Joint Return for your filing status. You should use the primary spouse's information as shown on the tax return."

Should... should I have more than one?

Playing card of Chris Elgee with description: This soldier knows how to rally the troops and keep morale high, even when the odds are against him. Strategery: Choose any two players to trade hands and compliments. Kipping: Roll 1d10 for opponent damage. If 5 is rolled, tear one of your cards in half.

Thanks Evan Booth (you on here?) for designing this collectible, artisinal Chris Elgee card. I love it!