RedTeamTacticsAcademy
@RedTeamTactics
Outsmart, Outmaneuver, Redefine the Tactics
blog 👉 https://posts.redteamtacticsacademy.com/
learn 👉 https://masterclass.redteamtacticsacademy.com/
🚀 Attention, House of Red Teamers! Ready to breathe fire into your cyber skills with some legendary training in the New Year? Here are my dragon-approved picks for your quest! 🏰 "Modern Initial Access and Evasion Tactics" by @mariuszbit - It's like mastering the secrets of…
Overheard a heated debate: One guy saw “Machine Learning Identified High-Confidence Malicious File” in the CrowdStrike dashboard after dropping a file to disk. He goes, “Damn, this new AI is getting dangerous.” The other guy? “Not everything is AI, this isn’t AI. Vendors just slap…
I’m looking to take an AI Red Teaming course. Any recommendations? What’s the best one out there in your opinion?
A threat actor puppeteered an in-house red teamer’s account and wrecked shop. Blue team saw the chaos and said: “Oh, it’s probably just the red team being spicy again.” They didn’t look closer. 💡 Maybe don’t whitelist the wolf just because it’s in a red hoodie. 📌 If your…
Curious: how effective do you really think honeypot user accounts are? Personally, I’ve had no problem spotting them, but I’m wondering what others think about their actual impact. Are they worth the effort?
Fam, not gonna lie, starting to love Netskope 👀 It’s been giving me a hard time lately… RBI rendering my phishing pages like it’s a YouTube stream
A lot of in-house red teamers I’ve spoken with mention burnout not from engagements, but from the pressure of feeling liable for recommendations. The tough part? Writing them in a way that doesn’t make it seem like their words are gospel because teams fixing the issues often come…
The EDR-that-shall-not-be-named set the meeting. 30 minutes in… still waiting. If only their detection was as slow as their support. 😏 Funny how fast they were when it was time to demo to the execs.
Seen some orgs running split EDR setups like MDE on workstations, CrowdStrike on servers. Not layered, just segmented. From a red team perspective, does this actually make your job harder? Or does it just shift the approach? Curious what folks are seeing in the wild.
What’s your honest take on Breach and Attack Simulation (BAS)? Some swear by it. Others say it’s just overpriced hype. Some argue it surpasses Purple Teaming; others insist it has nothing to do with Purple Team exercises at all and fits better in other non-technical or compliance…
honestly, this doesn’t need a retweet or praise, not because it’s not worthy, but because the work speaks so loudly for itself. just look at this course. look at the update. respect, respect, respect @_ZeroPointSec . he’s so transparent he even lists the platforms he’s using, so…
ZPS has a new site with some pretty cool changes to pricing, labs, and exams. Read more here: zeropointsecurity.co.uk/blog/new-site-…
Had a very interesting call with the one-that-shall-not-be-named (very famous EDR). They basically said: “Yeah, we’re not too worried about downloads. Execution is what matters.” So… downloading malware is fine as long as you don’t run it? That’s like saying shoplifting is cool…
Today I wanna share something that really bothers me: these referral bonus programs at companies can seriously hurt fairness. A close friend, an absolute beast in red teaming (I’ve worked with him, I know), applied to a big enterprise software company. Crushed 4 rounds, last one…
Just got asked to slow down on the red team findings; apparently it’s becoming too much for the fix-it side to keep up. Curious where the balance should be: do we ease off, or keep shining light on the risks no matter the load?
Don’t you think the bar for hiring red teamers is getting low? Lately, I’ve seen more companies feel obligated to build in-house red teams, and in the rush, they’re hiring without vetting. Someone gets an OSCP and suddenly they’re a red teamer. But they can’t set up infra. They…
EDR Vendor Voldemort: • Shares 0 intel • Demands 100 hours of free R&D • Acts like I’m their intern. Anyone else had this delightful experience? Red Teamers, back me up or tell me I need a nap.
This might sound silly, but I think sometimes getting caught in a red team operation is more satisfying than actually hitting an objective. I know it sounds strange, but honestly it helps me grow. It gives credit where it’s due: Blue Team did their job. And let’s be real in many…
ok wait am i losing my mind or does the compiler actually matter for detection?? like I built the same exact C# project in Visual Studio, EDR was like “gotcha loser”, but built it in Rider and the EDR just went “nah we cool”. is this real??? am i dumb??? what am i smoking???