@bojanz
IT Security guy, penetration testing is my thing. One of the SANS Internet Storm Center handlers at https://isc.sans.org. SANS SEC542 instructor and course co-author, SEC565 instructor. I lead the penetration testing team at INFIGO, https://www.infigo.is
New diary: how Credential Guard prevented extraction of TGT from a service ticket by abusing Benjamin Deply's trick and why you should aim to enable it everywhere.
Read the @sansisc.bsky.social diary at isc.sans.edu/diary/Creden...
And another thing - if you make a commit with an e-mail that belongs to an existing account, GitHub will happily pull that account's name and avatar :)
Here's MSFT fixing a bug in my project :)
Need to spoof how active your #GitHub account is? The contribution map will show even commits to private repos as activity so you can fake this easily by modifying commit date.
Great to see that @bsky.app is finally getting some love. Will be moving my #security related posts here!