Has anyone played around with this or know of alternatives, I am thinking of rolling it out for the team, I played with it a bit looks really awesome

https://github.com/Cyberwatch/Pentest-Collaboration-Framework

We’re thrilled to welcome two visionary leaders in security as our keynote speakers for OWASP Global AppSec USA 2025!:

Daniel Miessler

Adam Shostack

Join us in Washington, D.C., November 6-7, for insights, strategies, and inspiration from two of the brightest minds in AppSec.

Register today: https://owasp.glueup.com/event/131624/register/

Pentesting is crucial for today's CISOs, with 68% concerned about vulnerabilities in expanded digital supply chains and AI systems. As threats grow, proactive testing is key to safeguard infrastructures. How is your organization integrating pentesting into your security strategy? #Cybersecurity #Pentesting

Read more: https://short.steelefortress.com/2q0et9

It all works the last hurdle with Metasploit is gone.

BashCoreT build is complete, ISO ready to roll

First distro in the world on Debian 13 “Trixie” stable, just two days after release.

If I’ve solved all the issues, everything should now be working as intended.
That means tonight or tomorrow I’ll drop the atomic bomb ---> BashCoreT, the first distro in the world built on Debian 13 “Trixie” stable, just two days after its official release. It features Linux Kernel 6.12

Precision, speed, and a little madness.

El lado del mal - Recomendaciones de libros de pentesting en Perplexity (y de la mejor editorial para aprender pentesting en ChatGPT con GPT5) https://elladodelmal.com/2025/08/recomendaciones-de-libros-de-pentesting.html #pentesting #libros #hacking #0xWord #editorial #IA #Perplexity #ChatGPT

Metasploit on BashCoreT: LoadError - cannot load such file: parallel.

Translation: “Nice build you have there… shame if something happened to it.”

Time to tear it down and start over...

Benchmarking hashcat -b on BashCoreT from BashCoreX via SSH, both running inside VirtualBox, just because we can

Yes, the numbers are irrelevant (VM overhead galore), but the stability test matters

htop says: “I’m fine.”

I loved when I see web shells challenges (Red or Blue) in CTF games. Reminds me of my web shells research I did years ago, paper: https://vulnex.com/data/VULNEX_VB2017_ShellInTheWeb.pdf #WebShell #pentesting #cybersecurity #APT #AppSec

3 Days. 4 Elite Trainings. Unlimited AppSec Growth.

Join us in Washington, D.C., Nov 3–5, 2025 for immersive, hands-on 3-day sessions at OWASP Global AppSec USA:
Threat Modeling with AI – Adam Shostack
AI Security for Developers – Jim Manico
Attacking & Defending Cloud Apps – AWS, Azure, GCP
Full-Stack Pentesting Lab – 100% hands-on + lifetime access

Register: https://owasp.glueup.com/event/131624/register/

El lado del mal - De Hacker a Hacker: Pablo González vs. Manuel S. Lemos https://elladodelmal.com/2025/08/de-hacker-hacker-pablo-gonzalez-vs.html #entrevistas #hacker #IA #AI #InteligenciaArtificial #Pentesting #Pentest #OWASP

You’re security testing AWS infrastructure. You’ve done the work and need to exfiltrate the evidence files. But there's no internet access and no inbound ports...

Here’s how to use AWS Services Systems Manager (SSM) to create a port forwarding session, access what you need, and securely exfiltrate data with a simple Python web server.

Read the blog post here: https://www.pentestpartners.com/security-blog/how-to-transfer-files-in-aws-using-ssm/

#AWS #CloudSecurity #PenTesting #CyberSecurity #SSM #Infosec #Python #RedTeam

Two criticals. Two known exploited. One a zero-day.
July saw a spike in high-severity vulnerabilities.

Here are CVE Crowd's Top 3 from the 624 CVEs discussed across the Fediverse last month.
For each CVE, I've included a standout post from the community.
Enjoy exploring!