#jobs #vulnerability #incident #patch-management #security-tools #ai #exploit #malware #detection-engineering #phishing #cloud #aws #authentication #ransomware #breach
Articles tagged with: #red-team Clear filter
Bypass "Check that Google Play is enabled on your device/the app installed on your device is not recognized" message when launching app

Bypass "Check that Google Play is enabled on your device/the app installed on your device is not recognized" message when launching app

cybersecurity www.reddit.com

I downloaded an APK that I need to perform a pentest on. It's not in the Play Store, and when I launch it, the application closes and I get the message: "Check that Google Play is enabled on your device or the app installed on your device is not recognized." Is there any way to bypass this? Thanks in advance! submitted by /u/Illustrious-Tax-8884 [link] [comments]

#red-team
Freelance Pentesting

Freelance Pentesting

cybersecurity www.reddit.com

Hi everyone, I'm a mid level cybersecurity consultant. I've done red team as well as blue team and GRC projects. I'm looking to transition into freelance projects on the side and I don't know how to find clients. I prefer small-to-mid businesses and productized packages (not huge corporate/government RFPs). What's worked for you to find clients? I'm considering: 1. LinkedIn outreach to IT managers directly 2. Partnering with MSPs / MSSPs that I can act as a subcontractor for 3. Local networking...

#red-team #blue-team
Developer to Red Team path (Maldev + Adversary Emulation) - planning CPTS, need guidance

Developer to Red Team path (Maldev + Adversary Emulation) - planning CPTS, need guidance

cybersecurity www.reddit.com

Hey everyone, I'm currently working as a software developer, but my long-term goal is to move into Red Teaming, focusing on malware development and adversary emulation. I've started self-learning cybersecurity concepts and now planning to take the CPTS certification (from Hack the Box). My plan is to build a strong foundation in penetration testing and then slowly move toward red team operations and maldev. My questions: Is CPTS a good starting point for someone with a dev background? After...

#incident #malware #red-team
Red Team Engagement Video Demo - Game of Active Directory

Red Team Engagement Video Demo - Game of Active Directory

cybersecurity www.reddit.com

I'm releasing a fully public red team engagement video demo and an accompanying report after building the Game of Active Directory lab on AWS EC2 with Mythic C2. I ran the environment for about a week (not continuously) and the total cost ended around $28.40. The lab can also be deployed locally in a VM if you have sufficient RAM and storage (I didn't). The video walks through the full compromise from initial AD reconnaissance, ACL abuse, targeted kerberoasting, shadow credential attacks, to...

#red-team #aws
I don't know what study

I don't know what study

cybersecurity www.reddit.com

I'm working as AppSec Engineer since less than 1 month, I have eJPTv2 and some Linux and ethical hacking certifications. My main goal is the OSCP but I want to be ready for this cert before. Otherwise, the 50% percent of the pentests in my job are webapp pentest so idk if I should go for OSWE. I have the eCPPT path to train but I read that the CPTS preparation it's better. I think if I complete the CPTS and the portswigger labs I should have a good preparation to train for the OSCP. Any advice?...

#red-team
Any tips/resources for an aspiring Red Team Operator?

Any tips/resources for an aspiring Red Team Operator?

cybersecurity www.reddit.com

Hello everyone, I'd really appreciate it if current Red Team Operators could share the tips, resources, and experiences that helped them reach their positions, along with any additional advice they might have. I'm aware that the offensive security job market is quite challenging right now, but I'm doing my best to stay motivated and keep learning. To clarify, I'm specifically seeking insights from professionals who are currently working as Red Team Operators. For context, I'm not a beginner;...

#red-team
Does CEH and Pentest+ overlap a lot?? seems similar for those that took it.

Does CEH and Pentest+ overlap a lot?? seems similar for those that took it.

cybersecurity www.reddit.com

Been doing practice tests online on hackers connect and /Udemy for PenTest and CEH and they seem super similar? I am already taking courses on PenTest+ and 80% done with it. The CEH course from EC council is well over 1k etc Probably not worth buying it? or can the test have some kind of surprises? I am also doing HTB labs and academy etc! What did you use for your CEH training and exam prep?? submitted by /u/GhostlyBoi33 [link] [comments]

#red-team
Risk Psychology & Cyber-Attack Tactics

Risk Psychology & Cyber-Attack Tactics

cs.CR updates on arXiv.org arxiv.org

arXiv:2510.20657v1 Announce Type: new Abstract: We examine whether measured cognitive processes predict cyber-attack behavior. We analyzed data that included psychometric scale responses and labeled attack behaviors from cybersecurity professionals who conducted red-team operations against a simulated enterprise network. We employed multilevel mixed-effects Poisson regression with technique counts nested within participants to test whether cognitive processes predicted technique-specific usage....

#incident #red-team
Aside from CompTIA Security+ what else is good for entry level certification?

Aside from CompTIA Security+ what else is good for entry level certification?

cybersecurity www.reddit.com

I really need some opinion here since I don't know which one is better or which one I like better (Blue team or Red team) I'm more inclined on taking the Blue team since I'm hoping to take the Incident Response path. Is there any good certification to build up foundation for this path? Our company is giving us free certification but since most of our members are taking Security+ and BTL1, I need to take other certification since they limited people who can take those. By the way I'm a SOC...

#incident #red-team #incident-response #blue-team
For pentesters and red teamers: What actually takes the most time in your workflow?

For pentesters and red teamers: What actually takes the most time in your workflow?

cybersecurity www.reddit.com

I'm trying to understand the day-to-day reality of offensive security work from people actually doing it. For those running pentests or red team engagements: What part of your typical engagement feels like the biggest time sink? I keep hearing "recon takes forever" but I want to understand what that actually looks like in practice. Is it subdomain enumeration and service discovery? Exploit research and development? Lateral movement and persistence? Report writing and documentation? (i would...

#exploit #incident #red-team
bRPC-Web: A Burp Suite Extension for gRPC-Web

bRPC-Web: A Burp Suite Extension for gRPC-Web

Compass Security Blog blog.compass-security.com

The gRPC framework, and by extension gRPC-Web, is based on a binary data serialization format. This poses a challenge for penetration testers when intercepting browser to server communication with tools such as Burp Suite. This project was initially started after we unexpectedly encountered gRPC-Web during a penetration test a few years ago. It is important to have adequate tooling available when this technology appears. Today, we are releasing our Burp Suite extension bRPC-Web in the hope that...

#security-tools #red-team
pentest-ai-killer - A pentesting toolkit for AI MCP Agent

pentest-ai-killer - A pentesting toolkit for AI MCP Agent

cybersecurity www.reddit.com

Hi everyone, I have built the pentest-ai-killer and wanted to share it with the community. Link: https://github.com/vietjovi/pentest-ai-killer/ What it is? A lightweight, open-source toolkit (MCP Agent) that helps automate parts of security testing with AI assistance. It's designed to speed up repetitive tasks, surface interesting leads, and improve exploratory pentesting workflows. Feedback welcome - issues, PRs, feature requests, or real-world use cases. If you find it useful, stars and...

#ai #red-team #security-testing