Olivia
Online
ContinuumCon
@_ContinuumCon_
Official account for ContinuumCon - the Cybersecurity training conference that never ends.
Space-Time Continuum
Joined April 2025
6 Following
177 Followers
76 Posts
Β Pinned Tweet
π₯ ContinuumCon 2026 June 12-14 Workshops Announced! Stacked with content, plus a special event:
This year we'll have a Live AMA with @brysonbort and @strandjs - Q&A, commentary, and the top-tier banter.
Workshops π
# Roll Your Own Analyst
by Rain Jordan
Build your own local AI threat intel pipeline with Python & Ollama
# Killing Active Directory Attack Paths Once and For All
by @techspence
Hands-on destruction of major AD attack paths with hardening to mitigate
# Hacking Over & Under The Wire
by @klrgrz
Beginner-friendly SSH & PowerShell using OverTheWire wargames and trying back to tradecraft
# Practical Security Engineering
by @IceSolst
Stand up SAST, DAST, SCA, and secrets scanning for free using GitHub Actions
# Prompt Injection Fundamentals & Hack-Along
by Eva Benn and @Andrew Bellini
Practical, beginner-friendly walkthrough of prompt injection fundamentals. It's a solid on-ramp if you want to get into AI pentesting!
# Escaping Sandboxes with AI
by @ZackKorman
Hands-on techniques for finding and executing AI sandbox escapes
# Instant API Hacker
by @hAPI_hacker
Fast-paced exploitation of the OWASP API Top 10 with the author of Hacking APIs
# Smarter AWS WAF: Reduce Noise, Detect Threats & Automate Response
by Ihor S.
Production-ready AWS WAF with custom monitoring, Slack alerts & automated threat response!
# Tactical GRC - Turning Governance Into a Force Multiplier for Security Teams
by @fletusposton
Build lightweight, engineering-aligned GRC that actually accelerates security work!
# How to Analyze Malware
by Matthew N.
Safe, practical malware analysis workflow for beginners β static, dynamic & real sample walkthrough!
# Analyzing WannaCry: A Forensic Method for Recovering Ransomware Data with Open-Source Software
by Smit Nayak
Deep forensic recovery of WannaCry artifacts using open-source tools β DFIR gold!
# StegoDefender: Hunting Malware Hidden in Plain Sight - Advanced Steganography Detection & Payload Extraction
by Christopher Dio C.
Detect & extract hidden malware from images & files with next-level steganography tools!
And we'll be hosting content again this year through the great @getCourseStack platform!
Big thank you to all putting the work and time in in to bring this con to everyone! π
@_JohnHammond @JustHackingHQ @AnthonyBendas @Level_Effect
Got your ticket yet? ποΈ
Head over to: https://t.co/N7pFB85xsS
π¨ Workshop Spotlight # 10 π "Analyzing WannaCry: A Forensic Method for Recovering Ransomware Data with Open-Source Software"
by Smit Nayak, Cyber Security Analyst at Sypram
π Description
WannaCry crippled thousands of systems in 150+ countries in 2017, signaling a new era in cyber threats worldwide.
So why look at it now? Behind all the hype is a goldmine of information for forensic science and real-world recovery tactics.
This session takes a forensic investigator's view of WannaCry, covering the malware in detail and walking through methods for recovering, analyzing, and interpreting the artifacts it leaves behind, even after encryption and system compromise.
You'll be guided through a realistic forensic reconstruction of a WannaCry-infected system using open-source tools like Autopsy and Volatility. The session covers finding ransom notes and IOCs, extracting memory data, locating encrypted file remnants, and recovering partial data through shadow copy remnants and file carving.
If you work in digital forensics, hunt threats, or are trying to sharpen your ransomware incident response process, this one's for you.
ποΈ Only at ContinuumCon 2026: June 12-14
Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does.
Got your ticket yet? π https://t.co/N7pFB85xsS
Hosted by @_JohnHammond, @JustHackingHQ, @AnthonyBendas, and @Level_Effect !
π¨ Workshop Spotlight #9 π "Killing Active Directory Attack Paths Once and For All"
by Spencer Alessi (@techspence), Sr. Penetration Tester at @SecurIT360
π Description
Active Directory attack paths are what turn small weaknesses into full domain compromise.
After pentesting 150+ organizations in the last 5 years and performing over 1,000 hours of internal pentesting in 2025 alone, one of the biggest security mistakes I see IT Admins make is logging into untrusted workstations with their Domain Admin account.
In this workshop, weβre going to learn how easy it is for an attacker to compromise a domain from an untrusted workstation and how to prevent it, even if the attacker has Domain Admin (DA) credentials.
Weβll cover:
- Why Active Directory (AD) still matters
- AD attack path pre-requisites
- Two common lateral movement attacks
- Hardening controls to block these two attack paths
Not only will you be able to play the role of the attacker and carry out the attacks yourself, but youβll also be put in the defender seat and guided through setup and configuration of security controls in Active Directory to block the attacks.
If youβre responsible for managing and/or securing Active Directory, this workshop is for you.
ποΈ Only at ContinuumCon 2026: June 12-14
Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does.
Got your ticket yet? π https://t.co/N7pFB85xsS
Hosted by @_JohnHammond, @JustHackingHQ, @AnthonyBendas, and @Level_Effect !
π¨ Workshop Spotlight #8 π "How to Analyze Malware"
by Matthew Nguyen
π Description
A practical introduction to malware analysis for beginners, focused on building a foundational workflow rather than diving straight into reverse engineering.
You'll cover the key principles of a safe lab setup, basic static analysis, and dynamic analysis using sandbox environments and tools you can run in your own lab (like FlareVM).
The session includes a guided walkthrough of a real malware sample pulled from a malware database, with attention to the techniques you'll encounter most often: persistence mechanisms and command-and-control communication.
By the end, you'll have a clear framework for analyzing malware, an understanding of the common techniques malicious software uses, and the confidence to begin your own analysis safely.
ποΈ Only at ContinuumCon 2026: June 12-14
Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does.
Got your ticket yet? π https://t.co/N7pFB85xsS
Hosted by @_JohnHammond, @JustHackingHQ, @AnthonyBendas, and @Level_Effect !
ContinuumCon Teaser: solst/ice, Zack Korman, & Spencer Alessi!! https://t.co/IOUSYU8Tfq
π¨ Workshop Spotlight # 7 π "Smarter AWS WAF: Reduce Noise, Detect Threats & Automate Response"
by Ihor Sasovets, Security Engineer at TechMagic
π Description
As cloud-native applications scale, so do the threats targeting them. AWS WAF is often one of the first lines of defense at the edge, yet many teams struggle to move beyond basic configurations and truly operationalize it.
WAF gets deployed, but rarely fully leveraged as an intelligent security control.
This workshop walks through a practical, end-to-end approach to building a production-ready AWS WAF setup.
Starting from scratch, you'll deploy protections with the Security Automations for AWS WAF solution while breaking down how WAF actually works under the hood: core features, rule management strategies, and common pitfalls. You'll tune rules, reduce false positives, and design a setup that scales without becoming operationally expensive.
Part two extends AWS WAF with a custom solution, the "AWS WAF Monitoring Lambda," that turns raw WAF logs into actionable security intelligence. Think automated log analysis, near real-time attack visibility, Slack-based alerting, and intelligent IP blacklisting, all fast enough to detect and respond to threats even without a dedicated SOC.
The goal is simple: turn AWS WAF from a checkbox into a smart, scalable, and proactive security layer.
ποΈ Only at ContinuumCon 2026
Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does.
Got your ticket yet? π https://t.co/N7pFB865iq
Hosted by @_JohnHammond, @JustHackingHQ, @AnthonyBendas, and @Level_Effect !
π¨ Workshop Spotlight # 6 π "Roll Your Own Analyst"
by Tallis Jordan, Co-Founder of HardCounter
π Description
The amount of threat intelligence produced through blogs, vendor feeds, malware reports, and research writeups can feel overwhelming.
Between rehashing, regurgitation, and IOC dumps, most detection engineers simply do not have time to review everything manually.
This workshop covers building a lightweight, local threat intelligence pipeline designed specifically for detection engineering workflows. Using Python, Ollama, and a small local model, you will ingest intelligence feeds, analyze that intelligence with local models to extract actionable insights, and present the output through a web interface that can be placed into your daily workflows.
No expensive hardware. No overengineered or complex "AI agent" platforms. Just practical, privacy-friendly automation that you can build and operate yourself.
You'll leave with a working pipeline you can expand on with more enrichments, detection engineering workflows, and integrations.
ποΈ Only at ContinuumCon 2026, June 12-14
Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does.
Got your ticket yet? π https://t.co/N7pFB85xsS
Hosted by @_JohnHammond, @JustHackingHQ, @AnthonyBendas, and @Level_Effect !
π¨ Workshop Spotlight # 5π "Instant API Hacker"
by Corey J. Ball (@hAPI_hacker), author of "Hacking APIs" and founder of APIsec University (@apisecu) & hAPI Labs
π Description
"Instant API Hacker" demonstrates how quickly someone can learn to identify and exploit API vulnerabilities.
You'll witness the exploitation of critical vulnerabilities from the OWASP API Security Top 10, including broken authentication, authorization flaws (BOLA), and excessive data exposure.
Through live demos using the "One Request to Rule Them All," you'll see firsthand how APIs can be compromised, and gain actionable insights you can apply immediately.
The session walks through finding APIs, analyzing endpoints in Postman, going deep with Burp Suite, and exploiting the most common vulnerabilities. You leave with free resources for continued learning, including vulnerable labs and APIsec University courses.
Beginner-friendly. By the end, you're an API hacker.
ποΈ Only at ContinuumCon 2026
Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does.
Got your ticket yet? π https://t.co/N7pFB85xsS
Hosted by @_JohnHammond, @JustHackingHQ, @AnthonyBendas, and @Level_Effect!
π¨ PHANTOM kicks off at 1PM EST, live streamed. Case File CTF #1 on all facets of CTI:
- Pull 10 IOCs out of a real artifacts
- Write up attribution and impact, conclusions backed by evidence
- Build 3 detection rules, and test them: YARA, Snort, Sigma
- Prepare a threat hunt with your own KQL or PowerShell query
- Deliver a complete incident report that is manually reviewed
"Goodcorp SOC paged at 02:14 UTC. Suspect outbound traffic from a build runner. The nightly npm install ran ten minutes earlier."
Same artifacts an IR team would actually see. Same deliverables they'd write.
This is a modern supply chain compromise, like all the npm and dependency issues we're seeing.
Leaderboard, points, first blood, hints... and prizes!
- CDETH voucher
- DE&TH Challenge pack
- 1 Month free Adventurer
- 1 Month free Guardian
Walk away with the PHANTOM badge and your rank! π₯
FREE and open to all. Runs until Sunday May 24 at 10AM EST.
Links in the first comment.
See you at 1PM!
π¨ Workshop Spotlight # 4 π "Tactical GRC - Turning Governance Into a Force Multiplier for Security Teams"
by Fletus Poston III (@fletusposton)
π Description
GRC doesn't have to be slow, bureaucratic, or disconnected from real security work.
You'll learn how to build a lightweight, engineering-aligned risk and governance model that supports detection engineering, threat hunting, IR, and SecOps.
You'll create a threat-informed risk model (mapping ATT&CK techniques to business risks), design a minimal control set that translates into real engineering tasks, and build a rapid risk-acceptance workflow you can take back to your team on Monday.
You'll also walk away with a 90-second framework for communicating risk to anyone who'll listen.
ποΈ Only at ContinuumCon 2026 - June 12-14
Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does.
Got your ticket yet? π https://t.co/N7pFB85xsS
Hosted by @_JohnHammond, @JustHackingHQ, @AnthonyBendas, and @Level_Effect
Gave a version of this workshop at HOPE, NorthSec, HackSpaceCon, and improve it each time.
So youβll get to see the best version of it yet!
π¨ Workshop Spotlight #3 π "Practical Security Engineering"
by @IceSolst
π Description
You're the first security hire at a company (they have nothing in place), and you are tasked with: "Make our product more secure."
Where do you start?
We'll cover setting up SAST, DAST, SCA, secrets scanning, and enrichment with LLMs. All via GitHub Actions.
Hands-on labs include SAST with Semgrep (plus wiring it into PR comments), DAST with Nuclei/ZAP, and Claude via GitHub Actions for enrichment.
Beginner-friendly. If you've ever inherited a "you're security now, good luck" mandate, or you're about to... then this is the on-ramp.
ποΈ Only at ContinuumCon 2026 on June 12-14
Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does.
Got your ticket yet? π https://t.co/N7pFB85xsS
Hosted by @_JohnHammond, @JustHackingHQ, @AnthonyBendas, and @Level_Effect !
π¨ Workshop Spotlight π "Prompt Injection Fundamentals & Hack-Along"
by Eva Benn & Andrew Bellini (@d1gitalandrew)
π Description
Prompt injection continues to be # 1 on the OWASP Top 10 for LLM Applications for the second edition running, and there's a reason it isn't moving. LLMs read instructions, data, and policy through the same channel.
The attack surface is the entire space of human language, with infinite ways to phrase an input and infinite ways the model can respond. A single successful prompt injection can bypass every other security control you put in place, even if you've done everything else right.
Model makers like OpenAI, Anthropic, and Google continue to invest in instruction hierarchy training and built-in safety controls, but models still can't reliably tell the difference between what the app builder told it to do and what an attacker hid inside a document, an email, a webpage, or a tool response.
And the people building AI apps aren't just engineers anymore...
This session is a practical, beginner-friendly walkthrough of prompt injection fundamentals. It's a solid on-ramp if you want to get into AI pentesting, or if you're building with AI and want to know what you're actually up against.
ποΈ Only at ContinuumCon 2026 - June 12-14
Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does.
Got your ticket yet? π https://t.co/N7pFB85xsS
Hosted by @_JohnHammond, @JustHackingHQ, @AnthonyBendas , and @Level_Effect !
@ZackKorman if it couldn't break it wouldn't be fun, can't wait !
π¨ Workshop Spotlight π "Escaping Sandboxes with AI"
by @ZackKorman, CEO of Embroidery
π Description
Giving your AI agent full access to your machine is risky, so people are increasingly turning to sandboxing as a solution.
While sandboxing certainly has its benefits, it also has some important weaknesses.
The most notable weakness is that people are bad at making sandboxes, so all too often it is possible for the AI to escape. This workshop teaches people how I approach finding ways to escape, with real examples people can try themselves.
ποΈ Only at ContinuumCon 2026
Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does.
Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does.
Got your ticket yet? π https://t.co/N7pFB85xsS
Hosted by @_JohnHammond, @JustHackingHQ, @anthonybendas, and @Level_Effect
@0bin_Cyber @brysonbort @strandjs Different days for different topics! schedule coming out soon
Typically 5-6 workshops for Day 1 and 2, then a shorter Day 3 with a wrap up and review of the CTF !
π₯ ContinuumCon 2026 June 12-14 Workshops Announced! Stacked with content, plus a special event:
This year we'll have a Live AMA with @brysonbort and @strandjs - Q&A, commentary, and the top-tier banter.
Workshops π
# Roll Your Own Analyst
by Rain Jordan
Build your own local AI threat intel pipeline with Python & Ollama
# Killing Active Directory Attack Paths Once and For All
by @techspence
Hands-on destruction of major AD attack paths with hardening to mitigate
# Hacking Over & Under The Wire
by @klrgrz
Beginner-friendly SSH & PowerShell using OverTheWire wargames and trying back to tradecraft
# Practical Security Engineering
by @IceSolst
Stand up SAST, DAST, SCA, and secrets scanning for free using GitHub Actions
# Prompt Injection Fundamentals & Hack-Along
by Eva Benn and @Andrew Bellini
Practical, beginner-friendly walkthrough of prompt injection fundamentals. It's a solid on-ramp if you want to get into AI pentesting!
# Escaping Sandboxes with AI
by @ZackKorman
Hands-on techniques for finding and executing AI sandbox escapes
# Instant API Hacker
by @hAPI_hacker
Fast-paced exploitation of the OWASP API Top 10 with the author of Hacking APIs
# Smarter AWS WAF: Reduce Noise, Detect Threats & Automate Response
by Ihor S.
Production-ready AWS WAF with custom monitoring, Slack alerts & automated threat response!
# Tactical GRC - Turning Governance Into a Force Multiplier for Security Teams
by @fletusposton
Build lightweight, engineering-aligned GRC that actually accelerates security work!
# How to Analyze Malware
by Matthew N.
Safe, practical malware analysis workflow for beginners β static, dynamic & real sample walkthrough!
# Analyzing WannaCry: A Forensic Method for Recovering Ransomware Data with Open-Source Software
by Smit Nayak
Deep forensic recovery of WannaCry artifacts using open-source tools β DFIR gold!
# StegoDefender: Hunting Malware Hidden in Plain Sight - Advanced Steganography Detection & Payload Extraction
by Christopher Dio C.
Detect & extract hidden malware from images & files with next-level steganography tools!
And we'll be hosting content again this year through the great @getCourseStack platform!
Big thank you to all putting the work and time in in to bring this con to everyone! π
@_JohnHammond @JustHackingHQ @AnthonyBendas @Level_Effect
Got your ticket yet? ποΈ
Head over to: https://t.co/N7pFB85xsS
@ZackKorman @_JohnHammond @tuckner yeah where you at @tuckner ? we need more browser extension destruction (and security)
@brysonbort @strandjs and look out for more individual posts in the coming weeks spotlighting each workshop with even more detail !
some big updates verrry soon for ContinuumCon 2026! stay tuned
Last Seen Users on Sotwe
yuli
Seen from Japan
Aoi
Seen from Brazil
DOGAL EV HALΔ° π‘
Seen from Turkey
π π πͺπΆπ³π² & π¬πΌπ
Seen from Turkey
Girl so cute
Seen from Indonesia
Only Shemales ka bottam
Seen from Pakistan
P
Seen from Vietnam
CARDEL HARD
Seen from Turkey
Home Spa Yangon Myanmarααα―αΈαΆHdα‘α
αα―αΈαΆαααΉα»αααΉα·ααα―ααα
Seen from Pakistan
jani
Seen from Pakistan
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers