Archive

NewsletterNewsletter
[tl;dr sec] #213 - AWS Secure Defaults, Damn Vulnerable LLM Agent, cdk-goat

[tl;dr sec] #213 - AWS Secure Defaults, Damn Vulnerable LLM Agent, cdk-goat

Useful secure defaults + SCPs for your AWS account, a chatbot LLM ReAct agent for prompt injection practice, vulnerable by design AWS Cloud Development Kit infrastructure

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #212 - AWS Security Services Best Practices, EDR Bypass Lab, 100+ Vulnerable Practice Apps

[tl;dr sec] #212 - AWS Security Services Best Practices, EDR Bypass Lab, 100+ Vulnerable Practice Apps

Guide by AWS on configuring AWS security services, free lab to learn to bypass common EDR detection mechanisms, massive list of vulnerable apps to practice on

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #211 - LLMs + Fuzzing, Navigating the Incident Response Maze, Product Security @ HashiCorp

[tl;dr sec] #211 - LLMs + Fuzzing, Navigating the Incident Response Maze, Product Security @ HashiCorp

Automating fuzz targets with LLMs, detailed guide by Microsoft, my interview with the Director of ProdSec @ HashiCorp

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #210 - Security Architect & Principal Interview Questions, Pentest AI Agent, Free CloudSec Labs

[tl;dr sec] #210 - Security Architect & Principal Interview Questions, Pentest AI Agent, Free CloudSec Labs

Consolidated list of interview questions for senior roles from many companies, an AI-copilot for pentesters, learn cloud security from free ~30min labs every week

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #209 - State of Cloud Security, Breach Report Collection, Abusing Slack for Offensive Operations

[tl;dr sec] #209 - State of Cloud Security, Breach Report Collection, Abusing Slack for Offensive Operations

Datadog's insights on the security posture of 1000's of orgs, a collection of breach reports with TTPs, how red teamers can abuse Slack

Clint Gibler
Clint Gibler
BlogBlog
AI Resources - Part 1

AI Resources - Part 1

A collection of interesting AI tools, products, resources, papers, and more I’ve come across.

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #208 - Cybersecurity GPT Agents, Supply Chain Security, Kubernetes Pentest Image

[tl;dr sec] #208 - Cybersecurity GPT Agents, Supply Chain Security, Kubernetes Pentest Image

List of >100 security-focused GPT agents, join Chris Hughes and I's supply chain security webinar, Docker image with k8s pentesting tools

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #207 - Web Security Interview Questions, EKS Cluster Games, Supply Chain Resources

[tl;dr sec] #207 - Web Security Interview Questions, EKS Cluster Games, Supply Chain Resources

Rapidly ramp up your web security knowledge, new EKS CTF, big list of supply chain security resources

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #206 - Security Engineer Interview Tips, Security Making Eng Faster, GitHub Action Scanner

[tl;dr sec] #206 - Security Engineer Interview Tips, Security Making Eng Faster, GitHub Action Scanner

Security roles overview, skills required, and how to land them, how security teams can help devs ship faster, tool to scan GH Action files at scale

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #205 - Resume Prompt Injection, CVE PoCs, Server-side Sandboxing

[tl;dr sec] #205 - Resume Prompt Injection, CVE PoCs, Server-side Sandboxing

Make sure you're always the perfect candidate, repo with almost every CVE proof of concept, containers & seccomp deep dive

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #204 - Following Attackers' CloudTrail, SSH Security Tools, Secure by Design

[tl;dr sec] #204 - Following Attackers' CloudTrail, SSH Security Tools, Secure by Design

Threat hunting in AWS based on real attacker activity, tools to scan, monitor, or pilfer SSH, principles for user-centric security

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #203 - Stealing CI/CD Secrets, Sliver & Cursed Chrome, Career Advice

[tl;dr sec] #203 - Stealing CI/CD Secrets, Sliver & Cursed Chrome, Career Advice

Tool to steal CI/CD env secrets via deploying a malicious pipeline, proxy your traffic through a victim's browser, consulting 101, finding your moat, and Moxie's career advice

Clint Gibler
Clint Gibler
FirstBack
345678910
Next Last