Long Time Security Guru, CISO, Watching the same problems. Same issues. Wireless, Network, Mobile, Exploits, and Malware. So many ways, just so little time :)
Active Directory Hardening Series (II)
Part 5 Enforcing LDAP Channel Binding https://t.co/4q3AMehJFZ
Part 6 Enforcing SMB Signing https://t.co/VaUcNV0EUI
Part 7 Implementing Least Privilege https://t.co/mdjenywkVQ
Active Directory Hardening Series
Part 1 Disabling NTLMv1 https://t.co/9gla1vtQ18
Part 2 Removing SMBv1 https://t.co/KOqpamarcW
Part 3 Enforcing LDAP Signing https://t.co/oW2Ymvu1ZW
Part 4 Enforcing AES for Kerberos https://t.co/iENjEPBOFD
New: The Three Buddy Problem - Episode 97: We discuss the disappearing art of Windows APT paleontology, the absence of complex malware documentation, and why so much threat-intel research has slipped behind paywalls and into private rooms.
Plus, a surge in AI-discovered bugs in Firefox and Chrome, a rough week for Linux security flaw disclosures, and the usual Ivanti and Palo Alto zero-day bulletins that ship without a single IOC.
- Spotify https://t.co/0NCe7WBZNx
- Apple https://t.co/Wsicv7wL3x
- Find a podcast platform https://t.co/2MSOlXhOAy
- Transcript https://t.co/Js1NT4RMP3
Finding misconfigs in Active Directory is free…outside of your time.
Here are 9 of my favorite tools (all free):
Overall - PingCastle/PurpleKnight
Permissions - ADeleg/ADeleginator*
Attack paths - BloodHound
Applocker - Applocker Inspector*
ADCS - Locksmith
Logon scripts - ScriptSentry*
GPO - GPOZaurr
* = utterly biased, tools I made
Fraud Tools, Tactics, and Techniques (FT3) is Stripe's adaptation of ATT&CK-style security frameworks, specifically designed to enhance our understanding of the tactics, techniques, and procedures (TTPs) used by actors in fraudulent activities https://t.co/O2EwDArVOy
I see Fortinet is firing back.
Apparently my GitHub profile now qualifies as a malicious website in their web filtering appliances.
(Okay, probably just an automated trigger on APTSimulator or the ransomware simulator repo. But maybe … )
@Jr0dR87 Well, AI says: This image shows a street scene in New York City, likely 55 Central Park West, known as Spuyten Duyvil Apartments. This building is famous for being Dana Barrett's apartment building in the movie Ghostbusters.
I used to be very frustrated when security researchers published detailed vulnerability reports - meticulously describing every step of the discovery process but failing to include indicators of compromise or exploitation.
It’s not about writing detection rules for us. Just sharing a log snippet, suspicious process behavior, or anything else observed during successful exploitation would be incredibly valuable.
Better handover between researchers and defenders means faster, more effective responses.
🤓 Reverse Engineering and LLMs: 2 years ago, when I created my first agent for RE, it was already pretty impressive.
Fast forward to today, more people are using LLMs for reverse engineering.
So here are a few tools for RE you might want to check out:
➡️ Radare AI: https://t.co/drL2iIZxjk
➡️ IDA Pro MCP: https://t.co/93VQQMG7Vd
➡️ MCP for Ghidra: https://t.co/kByeUK9WmY
And this is just the beginning. What comes next is building smarter RE agents by connecting them with external tools, plugins, and knowledge sources 😉
**The screenshot below is an MCP connected to a Flare-On challenge.**