MDSec
@MDSecLabs
Consultancy and Training from a trusted supplier of offensive security. Red Team and Adversary Simulation by ActiveBreach team | http://mdsec.co.uk | http://nighthawkc2.io
January 27th 15:30 GMT. Join us for a live webinar showcasing some of Nighthawk's key features and evasive capabilities. Orgs can apply to register here: vimeo.com/event/4810278
I’ll be at #blackhatusa25 with a group of the @MDSecLabs red team. If you want to meet up, grab a 🍺 or ☕️ and talk c2s, OST or red teaming in general, drop us a line! ✅👋
Published a blog/repo inspired by one of @MDSecLabs's research on VSCode extensions. In this repo, we put Rust and JavaScript together and backdoor a popular Microsoft extension while preserving the blue checkmark and all. Read more here: github.com/whokilleddb/si…
One of these is malicious. One of these is not. Blog coming soon.
Massive thanks to @MDSecLabs @offensiveninja for this awesome lab! 😍
I have done Parallel syscall technique in Rust. github.com/Whitecat18/Rus… Inspired by @MDSecLabs Research. #research #poc #rust
We'd like to thank our sources researching various NTLM hash leak issues: 1) @domchell of @MDSecLabs: mdsec.co.uk/2021/02/farmin… 2) @yorickkoster of @securifybv: securify.nl/en/blog/living… 3) @Swepstopia: swepstopia.com/url-file-attac…
Our red team is growing and we have a rare open position for a Principal RT Operator - if this sounds like you, get in touch 🙏 @MDSecLabs
Stumbled on ServiceNow during a red team? If not you might want to check our latest post on Red Teaming with ServiceNow by @__invictus_ mdsec.co.uk/2025/03/red-te…

Already three people have fully smashed the Mustang Panda lab with FULL points (zero hints used) over the weekend by @MDSecLabs and @svch0st. Just sharing some more feedback we got on the lab 💪
The Council of Tropical Affairs, while negotiating the mango export deal, have noticed suspicious activity on their network, specifically involving unauthorized access to shared documents. We have provided process dumps, disk images, SIEM access, and results from YARA outputs…
NEW LAB: Mustang Panda 🐼🔍 Chinese cyber espionage APT targeting a government body across the U.S., Europe, and APAC Test your blue team skills on 👀 .NET malware 👀 DLL Sideloading 👀 Webshells 👀 Procdumps Lab Contributors Adversarial Emulation: @MDSecLabs @offensiveninja…
Last year's @BlackHatEvents was a blast so we're doing it all again! Join me and the @MDSeclabs crew in Vegas. Early bird discounts are now available. blackhat.com/us-25/training…
I'm not doing training at BH USA this year, but some friends are and I highly recommend their courses: - Adv Detection Engineering by @falconforceteam - Building AI agents by @Cyb3rWard0g - Adversary Simulation by @MDSecLabs And ofc the awesome courses by @SpecterOps folks!
Please note, if you register for this with anything but a business email you will be rejected 🕵️
January 27th 15:30 GMT. Join us for a live webinar showcasing some of Nighthawk's key features and evasive capabilities. Orgs can apply to register here: vimeo.com/event/4810278
Ever come across Altiris on a red team? We did.... Check out this post from @breakfix on how to extract ACC creds... Extracting Account Connectivity Credentials (ACCs) from Symantec Management Agent (aka Altiris) mdsec.co.uk/2024/12/extrac…

great work to the Nighthawk team :) Very impressive set of new features.
Ready for some Thanksgiving reading? Nighthawk 0.3.3 Evanesco is now live for customers nighthawkc2.io/evanesco/ #happythanksgiving

😈 Common Detection & Evasion Techniques for Web Application Firewalls → Fuzzing, reversing regex rules, obfuscation/encoding, alternative character sets, request header spoofing + Real-world case studies of bypassing CloudFront, Cloudflare, F5 BIG-IP ASM, and Azure…
When WAFs Go Awry: Common Detection & Evasion Techniques for Web Application Firewalls, a good compilation of evasion techniques by @MDSecLabs mdsec.co.uk/2024/10/when-w…